HomeCyber BalkansFBI warns of ransomware actors targeting casinos through third parties

FBI warns of ransomware actors targeting casinos through third parties

Published on

spot_img

An FBI Private Industry Notification issued on Tuesday revealed that ransomware threat actors are increasingly finding access to casinos through third-party vendors. The Nov. 7 notification focused on initial access, the method used by threat actors to infiltrate a victim’s network.

The notification highlighted various ransomware trends observed by the FBI, including the exploitation of vulnerabilities in vendor-controlled remote access to casino servers. Additionally, the FBI noted that small and tribal casinos have been targeted by ransomware attacks, resulting in the encryption of servers and the compromise of personally identifying information (PII) belonging to employees and patrons.

The notification emphasized that between 2022 and 2023, ransomware attacks had compromised casinos through third-party gaming vendors. However, specifics regarding the gaming vendors involved and how they were compromised were not disclosed by the FBI.

The timing of the notification coincided with the disclosure of high-profile social engineering attacks against industry giants, Caesars Entertainment and MGM Resorts. In the case of MGM, the Alphv/BlackCat ransomware gang claimed responsibility for the attack, causing significant disruptions at MGM hotels and casinos for several days.

Another concerning trend highlighted in the notification was the victimization of companies through the use of legitimate system management tools to elevate network permissions. The FBI pointed to a campaign by the Luna Moth ransomware gang, notorious for callback phishing, where victims were duped into installing legitimate system management tools that were then repurposed for malicious activities.

The FBI proposed several mitigations for organizations looking to enhance their identity and access management practices. These included the implementation of phishing-resistant multifactor authentication, regular review of networks for new or unrecognized accounts, and configuring user access controls according to the principle of least privilege.

The FBI’s efforts to provide timely and relevant information to organizations underscore the severity of the ransomware threat and the importance of implementing robust cybersecurity measures. The implications of ransomware attacks on small and tribal casinos as well as larger gaming vendors have far-reaching consequences, highlighting the need for increased vigilance and preparedness within the gaming industry.

Source link

Latest articles

Finland Detains Tanker Believed to Have Damaged Undersea Cables

Finnish authorities took action on Thursday by boarding an oil tanker suspected of causing...

Elderly man loses Rs 25L in cyber fraud scam in Ranip

An elderly man from Rashtradeep Society, Ranip, fell victim to a sophisticated cyber fraud...

Exploring Hacker Forums Reveals Key Details about Space Cyber Attacks

Recent cyberattacks targeting the space sector have raised concerns within the international community, particularly...

Two Californians Accused in the Biggest NFT Fraud Case So Far – Source: hackread.com

Two California men have found themselves at the center of what has been labeled...

More like this

Finland Detains Tanker Believed to Have Damaged Undersea Cables

Finnish authorities took action on Thursday by boarding an oil tanker suspected of causing...

Elderly man loses Rs 25L in cyber fraud scam in Ranip

An elderly man from Rashtradeep Society, Ranip, fell victim to a sophisticated cyber fraud...

Exploring Hacker Forums Reveals Key Details about Space Cyber Attacks

Recent cyberattacks targeting the space sector have raised concerns within the international community, particularly...