News this week has been dominated by the story of over a dozen MGM Hotels & Casinos that have had to shut down operations after a cyberattack against their computer systems. First announced on Sunday, systems at a dozen MGM properties were suddenly inoperable, paralyzed by a breach stemming from a highly targeted phishing attack.
Despite assurances from MGM Resorts International that daily operations had resumed, guests of the resort continued to report the opposite, posting photos online of offline slot machines.
As reported in USA Today, to contain the incident, MGM Resorts International began working with external cybersecurity experts to remediate and contain the breach.
Not long after the attack, VX Underground, a not-for-profit group that establishes contact with cyber-crime groups and documents patterns and activity, reported the incident to be caused by a threat group named AlphV BlackCat, infamous for many high-profile attacks – including those against Suffolk County, NY in 2022.
The FBI has been made aware of the incident, but characterized the event as ongoing, according to The Associated Press.
Businesses of all sizes that deal with sensitive data are targets of cyber criminals and must implement cybersecurity services to help mitigate risks. This well-publicized event serves as a reminder of the importance of being prepared for a potential cybersecurity incident at any time.
Your business needs a proper information security plan to handle cybersecurity threats now and in the future. Creating a plan and revisiting it annually is recommended. Example cybersecurity measures your business must implement includes:
Ramp up your cybersecurity posture and protect sensitive data. Sourcepass can help.
Dan Levy is the Sourcepass Security Engineering Lead. Reach out to Dan at (877) 678-8080.