As a Managed Security Service Provider (MSSP) company, we find it imperative at Versetal to evaluate these events and underline the critical importance of robust cybersecurity measures.
September 19, 2023
Nicole Quigley
In an era where technology reigns supreme, even the glitzy world of casinos is not immune to the growing threat of cyberattacks. Recent headlines have shown that even the giants of the entertainment industry, such as Caesars Entertainment and MGM Resorts, are vulnerable to the ever-evolving tactics of cybercriminals.
 
As a Managed Security Service Provider (MSSP) company, we find it imperative at Versetal to evaluate these events and underline the critical importance of robust cybersecurity measures.

The Cybersecurity Wake-up Call

Caesars Entertainment recently paid approximately half of a $30 million ransom following a cyberattack that took place in the late summer. This incident serves as a stark reminder of the real and present danger posed by cybercriminals. What is particularly concerning is the method employed by the attackers: a social-engineering scheme that fooled an employee into changing a password.
 
This raises a crucial point: no matter how sophisticated your cybersecurity infrastructure may be, the human element remains a vulnerable entry point for cyberattacks. In this case, the attack on Caesars stemmed from a social engineering attack on an outsourced IT support vendor. This highlights the need for comprehensive employee training and strict verification protocols to prevent such incidents.

The Data Breach Fallout

Following the attack, Caesars discovered that the attackers had gained access to sensitive information, including driver’s license numbers and social security numbers of numerous loyalty program members. While it’s fortunate that passwords and financial data were not compromised, the potential consequences for affected individuals cannot be underestimated.
 
Casinos, like many businesses, collect vast amounts of personal and financial data from their customers. As tempting targets for hackers, they must prioritize cybersecurity and invest in the latest technologies and best practices to protect this sensitive information.

Not All Companies Pay Ransom

It’s worth noting that not all companies opt to pay ransom in the face of cyberattacks. While Caesars chose to pay to avoid data loss and business disruptions, paying a ransom is a risky strategy. The Federal Bureau of Investigation (FBI) explicitly advises against it, as there is no guarantee of recovering the funds, and it may even embolden attackers to strike again.

The Growing Threat to the Gaming Industry

The gaming industry has become a prime target for cyberattacks in recent years. Caesars and MGM Resorts are not isolated incidents; rather, they are part of a broader trend. Ransomware and extortion attacks are on the rise, with hackers often threatening to disclose sensitive information. Payment is frequently demanded in digital currencies like Bitcoin.
 
This summer, gaming companies have borne the brunt of these attacks, with victims both in the U.S. and abroad. The attackers are indiscriminate in their choice of targets, focusing on organizations with weaker security postures. Cybersecurity has become a paramount concern for all businesses, regardless of their industry.

Preventative Measures and Reporting Requirements

In light of these escalating threats, both the Securities and Exchange Commission and the Nevada Gaming Commission have enacted new rules mandating prompt reporting of cybersecurity incidents. These rules aim to ensure transparency and accountability in the event of an attack. Companies must not only report incidents but also take proactive measures to safeguard their systems, perform regular cybersecurity assessments, and investigate any breaches.
 
As the cybersecurity landscape continues to evolve, businesses must remain vigilant and proactive. The events at Caesars Entertainment and MGM Resorts serve as a stark reminder of the stakes involved. The cost of a cybersecurity breach extends far beyond the ransom; it includes damaged reputation, legal repercussions, and the potential loss of customer trust.
In conclusion, the incidents at Caesars and MGM Resorts are a testament to the critical role of cybersecurity in today’s digital world. Every organization, regardless of its industry, must prioritize cybersecurity and invest in the necessary tools, training, and protocols to protect against evolving threats. As a MSSP company, Versetal stands ready to assist businesses in fortifying their defenses and navigating the ever-changing landscape of cybersecurity. Your digital security is our top priority, and together, we can defend against cyber threats and secure a safer digital future.
 

Learn more about how we can help your organization build, manage, and maintain the most secure IT environment for your business with our award-winning security practice.

Learn how Versetal can help you with your IT Ops