MGM international has disclosed it is dealing with a cybersecurity issue that impacted some of its systems. During mid-September the corporation suffered an incident that took several systems offline for most of the week.
It is suggested that the Scattered Spider hacking group (who also work under the codename UNC3944) was behind the cybersecurity incident. This criminal group is currently targeting the gaming and hospitality industry.
Scattered Spider is believed to be a group of young adults based in the U.S. and the U.K. who are well known for using various forms of social engineering to launch their attacks. This is a mix of techniques aimed at talking a target into revealing specific information or performing a specific action for illegitimate reasons.
In this it is speculated that the attack was directed towards the entertainment venue’s IT helpdesk. The hackers have been known to use a combination of telephone, email, snail mail and direct contact in order to gain illegal access.
Looking into this attack on MGM Resorts International, for Digital Journal is Ariel Parnes: former Head of the Cyber Department for the Israeli Intelligence Service, winner of the Israel Defense Prize for significant technological innovations in the cyber field. Parnes currently works for Mitiga.
Parnes begins by looking at official correspondence from MGM, noting that the communication is somewhat sketch: “While MGM’s official statement provided a broad overview of the incident, there are still many questions unanswered. The specifics of the breach, the extent of the data accessed, and the potential ramifications remained unclear, which is to be expected given its ongoing nature.”
This creates a problem for the company, as Parnes points out: “This lack of clarity inevitably paves the way for a plethora of rumours and speculations.”
Asa to why the casino group are reticent about disclosing more, Parnes speculates: “The veracity of the information released by MGM’s attacker remains uncertain. It is entirely possible that this disclosure is part of a calculated psychological campaign aimed at exerting added pressure on MGM.”
The analysis continues: “Such tactics can be employed to sow doubt, create internal discord and further the attacker’s agenda, making it imperative to approach such claims with caution and scepticism.”
“Even if the statement does not describe the true story, it sheds some light on how attackers can leverage the inherent complexity of hybrid environments with on-premises data centres, Cloud and SaaS (Software as a Service).”