MGM Resorts, one of the largest resort and casino chains in the United States, is currently battling to recover from a cyberattack that struck its systems on September 10. The attack has caused widespread disruption to the company’s operations, particularly in Las Vegas where MGM Resorts is the largest single employer.
Guests at MGM Resorts hotels have reported being locked out of their hotel rooms due to issues with their key cards, forcing security personnel to use old-fashioned keys to grant them access. Additionally, slot machines on casino floors have been rendered inoperable. These issues have led experts to suspect that the cyberattack was a ransomware attack, a type of attack where hackers encrypt an organization’s files and demand a ransom to restore access.
MGM Resorts, which owns several hotels on the famous Las Vegas Strip, has nearly 50,000 guest rooms in the area alone. The company issued a statement acknowledging the cybersecurity issue and stating that they had initiated an investigation with the help of external cybersecurity experts. They also alerted law enforcement and took steps to protect their systems and data by shutting down certain systems.
As of now, MGM Resorts’ websites are still offline, and customers are being directed to make reservations by phone. The investigation into the incident is ongoing, and MGM Resorts is working closely with law enforcement to determine the source of the attack.
Despite the cyberattack, MGM Resorts has assured the public that its resorts, including dining, entertainment, and gaming facilities, are still operational and providing the experiences for which the company is known. However, the impact of the attack on the company’s reputation and customer confidence remains to be seen.
Cybersecurity experts analyzing the attack believe that it was most likely a ransomware attack. The widespread outages and disruptions align with the tactics commonly used by ransomware attackers. However, at this early stage, other possibilities such as a distributed denial-of-service (DDoS) attack or an advanced persistent threat (APT) group cannot be ruled out.
Cybersecurity professionals also point out that the targeting of MGM Resorts’ awards program suggests that the attackers were specifically interested in obtaining sensitive customer data. This indicates a level of sophistication in the attack, as the hackers were able to gain control over interconnected systems, including ATM and slot machines, electronic room keys, and rewards programs.
Some experts speculate that the breach may have originated from an insider threat, as past casino cyberattacks have often involved compromised user accounts. MGM Resorts operates in multiple cities, and the fact that the attack affected casinos in various locations suggests a significant breach that may have spread rapidly.
The prospect of MGM Resorts paying the ransom demand is also raised by cybersecurity professionals. Certain industry observers believe that the company may have no other choice if they are unable to recover their systems in a timely manner. The rise of ransomware attacks in recent years has proven to be a lucrative industry for cybercriminals, with companies increasingly finding themselves vulnerable to exploitation.
As MGM Resorts continues to grapple with the cyber incident, recovery efforts are heavily dependent on the company’s security teams. Their ability to implement an effective incident response plan and swiftly address the breach will be critical in minimizing the damage caused by the attack and safeguarding the company’s future operations.
Overall, the cyberattack on MGM Resorts has exposed vulnerabilities within the organization’s systems and raised concerns about the security of customer data. As the investigation continues, it is imperative that MGM Resorts takes necessary steps to prevent similar incidents in the future and rebuild trust with its customers.