Casino Giants, MGM and Caesar’s, Held Hostage by Cyber Criminals

Hackers Bring Las Vegas Strip’s Casinos to Their Knees

A group of hackers aged between 19 and 22, known as “Scattered Spider,” have paralyzed the systems of MGM Resorts International, one of the largest hospitality and entertainment companies in the world, bringing the Las Vegas Strip’s casino-hotels to a standstill. The cyberattack was disclosed by MGM in a regulatory filing on Sep. 12. Despite MGM’s claims of resolving the issue, social media posts suggest that the casino’s slot machines, hotel communication systems, and other services have been inoperable for four days. This has led to long check-in lines, non-functional room access cards and ATMs, and the inability to use food, beverage, and free play credits. The situation has forced the resort to resort to manual cash payouts and physical room keys, resulting in a slow and clunky process. MGM is currently investigating the breach along with the FBI, and Moody’s has warned that this incident could negatively impact MGM’s credit rating due to its heavy reliance on technology.

In a similar cyberattack, Caesar’s Entertainment, another major casino operator with a value of $12 billion, was victimized by the same hackers, Scattered Spider. The attackers demanded a $30 million ransom from Caesar’s, and the company ended up paying around half of that amount. It has been reported that MGM was also targeted with a ransom demand, but the details of the amount and affected systems are still unclear.

Scattered Spider’s Modus Operandi

Scattered Spider relies on social engineering techniques to gather login credentials and OTP codes, allowing them to bypass multi-factor authentication. They have previously targeted telecom and business process outsourcing companies to perform SIM swaps, which are then used in phishing attacks to steal data and extort ransoms.

In the case of Caesar’s, the hackers first breached an outside IT vendor to gain access to the company’s network. With MGM, they collaborated with a ransomware-as-a-service group called ALPHV, also known as BlackCat, and utilized a short telephone conversation to exploit vulnerabilities and gain access to MGM’s systems.

According to cybersecurity experts, Scattered Spider poses a serious threat to large organizations in the United States. Despite being younger and less experienced than other cybercriminal groups, they are highly effective social engineers and skilled at exploiting weaknesses in security systems.

The Impact and Vulnerability of Casinos

The revenue generated by MGM’s Las Vegas Strip properties is approximately $13 million daily on average. With 30 hotel and gaming venues worldwide, a dozen of which are located on the Vegas Strip, the recent cyberattack has had a significant impact on the company. In addition, the websites for MGM’s flagship resorts, including MGM Grand, Mandalay Bay, Bellagio, Aria, and The Cosmopolitan, have been inaccessible for days. The casino operator’s stocks have also dropped in response to the breach.

Casino cyberattacks are not uncommon, as casinos are prime targets for financially motivated crimes. Their cybersecurity measures are often lacking, making it easier for hackers to disrupt operations and demand ransom payments. The attention garnered by these attacks also attracts copycats, further increasing the risk for casinos worldwide.

Overall, this recent cyberattack on MGM Resorts International and Caesar’s Entertainment serves as a reminder of the potential vulnerabilities faced by large organizations in the hospitality and entertainment industry. It highlights the need for robust cybersecurity measures to protect sensitive data and ensure uninterrupted operations.


Denial of responsibility! Vigour Times is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
DMCA compliant image

Leave a Comment