One Article Review
| Source |  AlienVault Lab Blog |
|---|---|
| Identifiant | 8419832 |
| Date de publication | 2023-12-07 11:00:00 (vue: 2023-12-07 11:07:38) |
| Titre | Casinos de Las Vegas ciblés par des attaques de ransomwares Las Vegas casinos targeted by ransomware attacks |
| Texte | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Introduction: Ever since the invention of internet browsers for personal computers came about in the 1990s, cybercrime has been on the rise. Almost 30 years after the invention of the Worldwide Web, cybercriminals have a variety of different methodologies and toolkits that they use on a daily basis to leverage vulnerabilities and commit crime. One of the most popular types of attacks that is used by threat actors is a ransomware attack. Most recently, several Las Vegas Casinos fell victim to a series of ransomware attacks. Las Vegas hacks: In mid-September 2023, two of the biggest Las Vegas casino and hotel chains found themselves to be victims of ransomware attacks. The two organizations that were targeted were Caesars Entertainment and MGM Resorts International. MGM Resorts International: The attack against MGM was first reported on September 11, 2023, when MGM personnel put out a public statement stating that a “cyber security incident” had affected some of its systems. On the days following this statement many guests reported numerous problems with the casino and the hotel operations of the company. On the casino side, many guests reported problems with slot machines and payout receipts. The slot machines in some of the MGM casinos were completely inoperable and, in the casinos, where they were operational, the machines were not able to print out the cash-out vouchers. On the hotel side, many of the organization\'s websites were inaccessible for a while after the attack. Guests across multiple MGM hotels reported issues with their mobile room keys not functioning, and new arrivals reported wait times of up to six hours to check in. A hacking group known as Scattered Spider has taken credit for the ransomware attack against MGM Resorts International. Scattered Spider first appeared in the cyber threat landscape in May 2022 and is thought to be individuals ages 19-22 and based out of the UK and USA. The attackers carried this attack out in three phases. The first phase was reconnaissance, in which they stalked the company’s LinkedIn Page and the employees that work there. The second phase of the attack was a vishing attack against MGM’s IT help desk. A vishing attack is when someone uses phone calls or voice communication to trick the victim into sharing personal information, credit card numbers, or credentials. Using the information they gathered on LinkedIn; the attackers were able to impersonate an MGM employee and tricked the help desk into giving them credentials into MGM systems. The attack\'s third phase was launching ransomware developed by another hacker group, ALPHAV. Scattered Spider rendered multiple systems throughout the organization useless unless the ransom is paid. Currently it is not known if MGM paid the ransom, but all casinos are once again fully operational. Caesars Entertainment: Days after MGM reported it had been hacked, Caesars Entertainment group disclosed to the SEC that they were also victims of a cyberattack around the same time as MGM. In a statement to the SEC, Caesar’s reported that confidential information about members of its customer loyalty program was stolen. Caesar’s representatives stated that the hackers were able to break into computer systems through a social engineering attack on an IT support contractor. Not much information is available about the execution of this attack. The use of a social engineering attack has led many people to believe that Scattered Spider was also behind this attack. The hackers demanded that Caesar’s pay a ransom of $30 million. It is reported that the organization paid $15million to the hackers and the company has “taken steps to ensure the stolen information is deleted by the hacker but canno |
| Envoyé | Oui |
| Condensat | $15million $30 “cyber “taken they 1990s 2022 2023 able about access across act actors adopt affected after again against ages all allowed almost alone alphav already also although america another any appeared are around arrivals article at&t attack attackers attacks author available based basis becoming been began begun behind being believe beneficial better biggest both break bringing browsers business but caesar’s caesars calls came can cannot capabilities card carried cases cash casino casinos chains chances change check com: commit communication company company’s completely computer computers conclusion: confidential content contractor control couple creating credentials credit crime currently customer cyber cyberattack cyberattacks cybercrime cybercriminals cybersecurity daily data days deleted demanded desk developed different disastrous disclosed distributed does dollars doom effective employee employees endorse engineering enough ensure entertainment entertainment: equally established even ever every evolves execution experience expertise failing fell first focus following form formed forms found from fully function functioning gain gateway gathered gives giving group guarantee guests hacked hacker hackers hacking hacks: had has have headlines help hole holistic hotel hotels hours house how however humans impersonate implementation importance important importantly inaccessible incident” individuals infiltrated information infrastructure initial inoperable intelligence interesting international international: internet introduction: invention issues its just keep keys known landscape las launch launching learned led leverage link linkedin linkedin; loyalty machines make managed management managing many may means members methodologies mgm mgm’s mid million mobile more most much multiple name necessary new next not numbers numerous offers once one ones operational operations organization organizations other out over page paid part pay payout people perimeterwatch personal personnel phase phases phishing phone popular positions post print problems procedures processing program proper protected provide provided public put ransom ransomware rate rather receipts recently reconnaissance reduce rely rendered reported representatives resorts responsibility result” rise room same scattered sec second secure security see seen september series serve set several sharing should show side simple simply since six slot smishing social solely solutions solve some someone sophisticated spend spider staggering stalked stated statement stating steps stolen such support sure susceptible systems tactics take taken targeted targets technical technologies than them themselves these third thought thousands threat threats three through throughout time times toolkits total training trick tricked truly two types unless usa use used useless uses using variety vegas victim victims views vishing voice vouchers vulnerabilities wait warning watering weakest web websites well whaling what when where whether which why will without work worldwide would www year years your |
| Tags | Ransomware Vulnerability Threat Mobile Technical |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.