MGM Cyber Breach Looks Like ‘Widespread Ransomware Attack’

Posted on: September 13, 2023, 09:49h. 

Last updated on: September 13, 2023, 01:19h.

MGM Resorts International (NYSE: MGM) is still dealing with the impact of a large-scale cybersecurity breach. While the casino operator hasn’t commented to this effect, at least one industry insider believes the event has the hallmarks of a ransomware attack.

An expert says the cyberattack affecting MGM is likely one of the ransomware variety. (Image: iStock/Getty)

In ransomware infiltrations, hackers essentially hold an entity’s computer systems hostage, forcing victims to pay when their backs are against the wall. As corporate America, including the gaming industry, is increasingly tasked with safeguarding customer data and is more reliant on technology, ransomware attacks’ profitability is also rising.

“If past performance in this industry is an indicator, then we could anticipate MGM paying the ransom if they see no other option,” noted Fergal Lyons, cybersecurity evangelist with Centripetal, in comments supplied to Casino.org. “Cybercriminals are finding ransomware to be a lucrative industry, capitalizing on vulnerabilities and exploiting careless employees.”

Late Tuesday, Las Vegas-based MGM issued a statement, saying it “recently identified a cybersecurity issue affecting certain of the Company’s systems,” and that it’s working with law enforcement on the matter. However, the casino operator did not use the term “ransomware.” Nor did it mention if the perpetrators of the hack have made financial demands.

If MGM Pays Ransom, It Must Tell Investors

Should it become clear that the Bellagio operator is, in fact, the victim of a ransomware attack and that a ransom is paid, such information must be disclosed to investors, because MGM is a publicly traded company. That mandate was recently instituted by the Securities and Exchange Commission (SEC).

The stipulation is that the event be deemed “material,” though the SEC doesn’t outline monetary guidelines for what constitutes material. The commission requires that public companies affected by cyber breaches that cause financial loss file an Item 1.05 Form 8-K within four days after the impacted party confirms material effect.

Some cybersecurity professionals believe it’s unsurprising that a gaming company was targeted in a large-scale cybersecurity breach: given the travel and leisure industry’s consumer-facing nature, such companies are stewards of copious amounts of sensitive personal data.

“As such, the sector becomes an attractive target for cybercriminals seeking financial gain or to exploit vulnerabilities for malicious purposes,” added Erfan Shadabi, cybersecurity expert with Comforte AG. “The MGM Resorts incident is emblematic of this overarching challenge. Recognizing the pivotal role technology plays in enhancing guest experiences, optimizing operations, and facilitating global connectivity, the tourism industry must allocate resources to bolster its cybersecurity posture.”

Big Spending Required to Up Cybersecurity

Cyber thieves are increasingly cunning and are diversifying how they can harm corporations and governments, indicating proactive spending is needed. Centripetal’s Lyons observed that cyber criminals are so technologically proficient that their attacks are now bespoke or tailored to specific industries.

“The MGM hack underscores how digital transformation increases the attack surface and how physical infrastructure can be disrupted by a cyberattack,” said Tom Kellermann, senior vice president of cyber strategy at Contrast Security, in comments. “Guards, guns and vaults cannot defend against cyber-intrusions.”

As for cybersecurity spending, it’s estimated that domestic companies spent nearly $71.7 billion last year on such expenditures. The rule of thumb extolled by some in the tech community is that 9% to 14% of corporate tech budgets should be allocated to cybersecurity.