The information technology systems of MGM Resorts International are still shut down since as early as the evening of Sunday, September 10, 2023 due to a cybersecurity issue at the time this article was written — this issue has been affecting MGM Resorts International casino properties in other locations as well — so does paying ransom resolve cybersecurity issues?
Does Paying Ransom Resolve Cybersecurity Issues?
Accessing the official Internet web site of MGM Resorts International is not possible at the time this article was written, as the investigation is still ongoing as to how to resolve this issue. Supposedly claiming responsibility for what happened with MGM Resorts International is “BlackCat”, which is a gang of malicious individuals who are based in Russia.
“All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk”, according to what was posted at the official Twitter — er…X — account of vx-underground, which is a research group for what is known as malware. “A company valued at $33,900,000,000 was defeated by a 10-minute conversation.”
All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk.
A company valued at $33,900,000,000 was defeated by a 10-minute conversation.
— vx-underground (@vxunderground) September 13, 2023
The ALPHV ransomware group reportedly issued a lengthy statement which refutes the claim in part.
As a result, the information technology systems of MGM Resorts International was forced to be taken off-line, as reservation systems, automated teller machines, slot machines, and credit card machines — as well as Internet web sites — were affected by the breach of security.
MGM Resorts International has since filed of FORM 8-K to the Securities and Exchange commission of the United States on Tuesday, September 12, 2023.
Because computer systems are currently inoperable, the lines to simply check in at many of the hotel, resort, and casino properties are reportedly long enough to last for as many as three hours.
The hotel check-in line at the Excalibur is wild pic.twitter.com/IiKNn9aYiN
— Las Vegas Locally 🌴 (@LasVegasLocally) September 14, 2023
Current as of 9/14/23 8:30 am. #mgmhack #vegas #lasvegas #vegasstarfish pic.twitter.com/E9CoYA02do
— Jen G. (@vegasstarfish) September 14, 2023
MGM Resorts International is not the only casino company which suffered a cybersecurity attack recently. Caesars Entertainment, Incorporated also recently revealed that a cybersecurity attack on its systems occurred on Thursday, September 7, 2023:
“Caesars Entertainment, Inc. (the “Company,” “we,” or “our”) recently identified suspicious activity in its information technology network resulting from a social engineering attack on an outsourced IT support vendor used by the Company. Our customer-facing operations, including our physical properties and our online and mobile gaming applications, have not been impacted by this incident and continue without disruption”, according to this filing by Caesars Entertainment, Incorporated of FORM 8-K to the Securities and Exchange commission of the United States. “After detecting the suspicious activity, we quickly activated our incident response protocols and implemented a series of containment and remediation measures to reinforce the security of our information technology network. We also launched an investigation, engaged leading cybersecurity firms to assist, and notified law enforcement and state gaming regulators. As a result of our investigation, on September 7, 2023, we determined that the unauthorized actor acquired a copy of, among other data, our loyalty program database, which includes driver’s license numbers and/or social security numbers for a significant number of members in the database. We are still investigating the extent of any additional personal or otherwise sensitive information contained in the files acquired by the unauthorized actor. We have no evidence to date that any member passwords/PINs, bank account information, or payment card information (PCI) were acquired by the unauthorized actor.”
Caesars Entertainment reportedly revealed and acknowledged that a ransom of approximately $15 million was paid to an entity that was responsible for the aforementioned cyberattack on its systems in order to avoid the online leak of customer data — such as driver’s license numbers and Social Security numbers — that was stolen. The initial demand was for a reported $30 million. This portion of the news was not revealed at the official Internet web site of Caesars Entertainment; but rather through countless mainstream media sources and social media sources.
Day 3 Update: MGM Resorts International is still under a Cyber Security Attack in Las Vegas and around the globe. Guest and Employee data, security and experiences have been tremendously impacted. Significant leaks of information have lead to the disclosure that Caesars… pic.twitter.com/1wyYNpBwZO
— Jen G. (@vegasstarfish) September 13, 2023
Final Boarding Call
Many cybersecurity attacks are really no different than kidnappings — except they occur using valuable data instead of live people.
To me, paying a ransom legitimizes what the nefarious entities have done and satisfied their demands. That, in turn, only fuels the greed to continue performing the kidnapping of valuable data and information further — perhaps with increasingly egregious demands, as they have been funded with money to further improve their operations.
Paying a ransom is not the answer, in my opinion. Fortifying and strengthening the security of digital data and information should be the paramount concern of multinational companies which store it. I would bet that $30 million — or even $15 million — would have at least partially helped to secure the information technology systems of multi-billion dollar corporations. Similar to continuously ensuring that law enforcement organizations have the equipment to counter dangerous criminal activity, companies must continuously ensure that they have the technology to counter increasing sophisticated cyberattacks.
Unfortunately, data breaches have become the norm rather than the exception in the world of frequent travel loyalty programs, as demonstrated by the incidents involving British Airways, Delta Air Lines, Hyatt Corporation, Hilton, Kimpton Hotels and Restaurants, Facebook, Equifax, and other various companies in recent years. Protecting your sensitive information has become almost impossible to do…
…and yet, few measures are in place to rectify the potentially disastrous results which could possibly occur from these data breaches — as though few corporations and government entities are unconcerned about confronting the seriousness of such breaches and attacks.
I am uncertain at this time as to what is the answer — but this trend simply cannot continue unchecked, in my opinion…
…and innocent victims of such breaches and attacks should not be subject to the significant effort and cost just to maintain the integrity of their personal information. which could result in identity theft and other nightmarish experiences. Stricter and more secure measures — which are transparent to individual consumers — should be employed as soon as possible to either mitigate or eliminate similar incidents in the future.
We live in a world which is highly dependent upon electronic transactions. As a customer, you deserve to be reassured by the companies which you patronize that your personal and financial data is indeed protected — and more than adequately at that.
The bottom line is that your data is at risk; but many companies do not seem to go the extra mile to ensure that it is kept safely. Often, the companies will evoke a lackadaisical and cavalier attitude to downplay the seriousness of the compromise of your valuable information — which can lead to an erosion of trust by the customer…
…but as long as companies continue to not treat the security of the data and information they store as a top priority, this avoidable, expensive, and counterproductive ludicrousness will continue.
If a company of any size chooses to store valuable data and information of its customers on its own, it behooves that company to ensure that the information technology system which it employs is as secure as possible, as it could save money — and unwanted publicity — in the future.
Photograph ©2022 by Brian Cohen.