Unveiling the Ransomware Threat: Learning from the MGM and Caesars Hacks

• Cyberattack

The recent cyberattacks on MGM Resorts and Caesars Entertainment have disrupted their services and exposed the relentless threat of ransomware. Despite the high-profile nature of these attacks, they merely represent the tip of the cybersecurity iceberg.

“The more attention the problem gets, the more policymakers may try new strategies. And new strategies are desperately needed. Ransomware is at or close to record level, so the current strategies are not working.” - Brett Callow, Emsisoft.

The MGM and Caesars Hacks

MGM and Caesars have been battling widespread system outages and service disruptions following their cyberattacks. MGM customers reported issues with keycards, dark slot machines, and non-functional ATMs. On the other hand, Caesars Entertainment suffered a data breach by stealing personal data such as Social Security and driver's license numbers of its loyalty program members.

These incidents offer a glimpse into ransomware attacks' persistent and pervasive threat. The notorious ransomware group Alphv, also known as BlackCat, claimed responsibility for the MGM attack, although it denied involvement in the Caesars hack. It's worth noting that MGM suffered a similar breach in 2019, where the data of over 10.6 million hotel customers was stolen and published online by hackers.

The Vicious Cycle of Ransomware Attacks

The recent casino hacks reveal a larger cycle of cyberattacks that continually threaten the digital landscape. High-profile cyberattacks attract attention and can spur governments into action, but ransomware and data extortion attacks typically recede into the background, continuing to wreak havoc on vulnerable populations.

Lesley Carhart, director of incident response at the industrial-control security firm Dragos, explains, “Attacks against casinos are dramatic and draw attention. However, many life-impacting attacks on critical infrastructure and healthcare occur far less visibly, which makes them less appealing for mass media coverage.”

Strategies Against Ransomware Attacks

Ransomware attacks continue to increase despite the current strategies to deter cyber criminals and discourage victims from paying ransoms. Brett Callow, a threat analyst at Emsisoft, suggests that governments should consider imposing more restrictions on when ransoms can be legally spent. However, each high-profile incident provides an opportunity to raise awareness and encourage institutions and legislators to invest in improving their digital defenses. Wendi Whitmore, Senior Vice President of Unit 42 at Palo Alto Networks, notes that these incidents can educate organizations and help them close potential gaps in their environments, making them less vulnerable to future attacks.