
Resort Giant Hacked: MGM Resorts Experiences a “Cybersecurity Issue”


In a recent turn of events, MGM Resorts, known as one of the world's mega entertainment and hospitality companies (operating the largest casino on the Las Vegas Strip), has been hacked.

A local news outlet in Las Vegas broke the news on Monday, following numerous complaints from customers of MGM businesses. According to the reports, some complaints concerned ATMs at affiliated hotels and casinos that did not appear to be functioning. Others said that their hotel room keys had stopped working, while some noted that bars and restaurants inside MGM complexes had abruptly closed. Meanwhile, MGM's official website is also clearly not functioning as it should.

To put a halt to further speculation, MGM published a short statement saying that the organization has in fact been the victim of an undisclosed “cybersecurity issue.” According to The Associated Press, computer failures related to this problem appear to be affecting MGM properties all across the country, including in Vegas and far-flung locations like Mississippi, Ohio, Michigan, and significant portions of the northeast.

The statement posted by MGM to X (previously Twitter) reads: “MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems. Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter.”

Later, in a statement shared with Bloomberg, the company acknowledged being the victim of a "cyberattack" and said the attack was disrupting some of its computer systems. However, it is still unclear exactly what kind of attack has disrupted its operations. Ransomware would be the most likely suspect in this situation.

While casinos are not frequent targets of cyberattacks, such cases have certainly been known to occur.

It is worth mentioning that a ransomware attack will undoubtedly have a significant impact on MGM's business operations, given that the company is not just some casino supplier, but rather a giant corporate empire with many interconnected enterprises. Further information on the issue is awaited; as is customary in situations involving "cyber incidents," the exact details of the MGM issues are yet to be determined.

Several Critical Flaws Detected in Las Vegas’s Leading Casinos

 

Reposify, an external attack surface management platform, has discovered multiple vulnerabilities in the IT networks of Las Vegas’s leading casinos. Recently, the Nevada Gaming Control Board (NGCB) issued a warning to all casino operators and advised them to remain prepared for possible cyber-attacks.

“We can say with certainty that the types of vulnerabilities discovered had the potential to result in financial losses and exposure of sensitive information including personal information of customers,” a Reposify spokesperson said.

Researchers from Reposify used an external attack surface management (EASM) platform to detect security loopholes in the IT networks of casinos that might catch attackers’ attention. During their examination, researchers discovered multiple exposures in the network perimeter of a leading Las Vegas casino and also a stack trace of a casino’s purchasing system.

The exposed stack trace allowed researchers to obtain details about the casino’s backend architecture and other highly sensitive information. Researchers claim that attackers can abuse exposed stack traces to gain access to a casino’s internal networks. In addition, cybersecurity experts also spotted a Microsoft Exchange server with multiple critical flaws. These flaws could allow malicious actors to gain domain administrator rights and carry out remote code execution attacks.

“If attackers managed to gain access to this server, which they could easily do by exploiting the several vulnerabilities this server had, they would be able to see all internal and external communications, launch phishing and ransomware attacks, among others,” Reposify’s spokesperson told CyberNews in an email.

According to the researchers, one of the casinos did not use multi-factor authentication for logging in to a firewall system, leaving a critical part of security open to credential stuffing and brute force attacks.

Notably, Reposify did not publish the names of the affected casinos and did not know whether the discovered flaws had been abused. The casinos with security loopholes in their IT systems were informed of the research findings to help them fix the issues.

“Casinos are considered a lucrative target for attackers, as evident by the numerous recent attacks on such establishments. After reviewing the exposures and unencrypted assets discovered over publicly accessible internet, I urge security teams to take immediate actions to identify and eliminate unknown exposures in their attack surfaces before they fall victim to the next cyber-attack,” Arnon Yosha, a senior security researcher at Reposify, stated.