MGM Resorts announces it has been victim of a cyberattack

MGM Resorts announces it has been victim of a cyberattack

MGM Resorts recently announced it has been the victim of a malicious cyberattack.

The organisation published a statement on its website: ‘MGM Resorts recently identified a cybersecurity issue affecting certain of the company’s systems. Promptly after detecting the issue, we began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and are taking steps to protect our systems and data, including shutting down certain systems. Our investigation is ongoing and we are working diligently to resolve the matter. The company will continue to implement measures to secure its business operations and take additional steps as appropriate.’

Cliff Martin, Head of Cyber Incident Response at GRCI Law, responded to the news: “This week has been particularly challenging for MGM due to the recent ransomware attack orchestrated by ALPHV/BlackCat. It serves as a stark reminder that no matter how much an organisation invests in technology, a single lapse in human judgment can open the door to threat actors. This incident underscores the critical importance of human training in cybersecurity.

“Remarkably, it has been reported that the threat actors managed to breach MGM’s IT environment in just 10 minutes by leveraging a simple social engineering tactic, initiating contact with an unsuspecting target who was identified on LinkedIn. This breach subsequently led to the compromise of all critical IT systems within MGM, resulting in a severe blow to the company’s reputation. As aptly pointed out by EvilSec on X, ‘Vishing’ — or voice phishing — has become shockingly prevalent in a landscape where individuals may not prioritise cybersecurity.

“Employees, already burdened and fatigued by their workloads, often become susceptible to such tactics, making it alarmingly easy for threat actors to exploit these vulnerabilities. It is imperative for organisations to establish a robust incident response plan to effectively address cybersecurity incidents as they inevitably occur. Regardless of an organisation’s size, it is not a question of ‘if’ but ‘when’ a cybersecurity incident will happen. Being well prepared is key to minimising its impact and protecting what is important. The earlier an incident can be detected, the better.”

Erfan Shadabi, Cybersecurity Expert at comforte AG, also offered some thought: “In an era where Digital Transformation is reshaping the way the tourism industry operates, the reliance on interconnected systems and data-driven processes has never been greater. As such, the sector becomes an attractive target for cybercriminals seeking financial gain or to exploit vulnerabilities for malicious purposes. The MGM Resorts incident is emblematic of this overarching challenge.

“Recognising the pivotal role technology plays in enhancing guest experiences, optimising operations and facilitating global connectivity, the tourism industry must allocate resources to bolster its cybersecurity posture. To that purpose, data-centric security stands as the most effective approach in safeguarding organisations within the tourism industry due to its inherent focus on protecting the core asset that cybercriminals seek to exploit: data itself. Rather than relying solely on perimeter defences and assuming that all breaches can be prevented, data-centric security recognises the inevitability of potential breaches and prioritises securing the data at its very essence. By doing so, this approach not only fortifies an organisation’s defences but also ensures that even if a breach occurs, the stolen data remains indecipherable and effectively useless to malicious actors.”

Browse our latest issue

Intelligent CISO

View Magazine Archive