Cyberattacks against casinos have garnered attention, but a steady stream of little-known attacks has made it difficult for vulnerable victims to recover.

Casino and hotel company MGM Resorts has been dealing with widespread system outages and service disruptions as it struggles to contain a cyberattack this week on hotels in Las Vegas and elsewhere. Meanwhile, Caesars Entertainment said in a filing with U.S. regulators on Thursday that it recently suffered a data breach in which many loyalty program members had their Social Security and driver’s license numbers stolen, along with other personal data.

The two high-profile incidents have drawn scrutiny this week, with MGM customers reporting sporadic key card issues at the company’s hotels, black screens on slot machines, malfunctioning ATMs, and bankruptcies at MGM properties. There were other difficulties with hotel stays and cashing out winnings. On Wednesday, Bloomberg reported the news of the Caesars leak. The Wall Street Journal reported on Thursday that Caesars had paid roughly half of the $30 million demanded by the attackers in exchange for a promise not to leak stolen customer data. While both incidents are important, experts stress that the consequences of these two high-profile hacks fit within the broader context of ransomware attacks as a pervasive, relentless and entrenched threat.

The recent spate of casino hacks fits into a larger cycle in which certain cyberattacks draw widespread attention to digital threats and even prompt government action. Ultimately, though, ransomware and data extortion attacks slip behind the scenes again, even as they continue to wreak havoc and impact vulnerable populations.

“The attacks on casinos are very high profile and get people’s attention. We have an entire movie and TV franchise about casino heists,” said Lesley Carhart, director of incident response at Dragos, an industrial controls security company. Still, “many life-impacting attacks on critical infrastructure and healthcare occur less visibly, and therefore they don’t easily attract mass media. I don’t think this is a cybersecurity or even media issue — it’s a human psychological issue. We’ve been facing this problem for a long time in the world of industrial control system cybersecurity, where an attack can literally mean life or death, but it’s not a good story.”

An affiliate of the notorious ransomware group Alphv, a Russia-based gang also known as BlackCat, claimed responsibility for the MGM attack this week. The group has denied involvement in the Caesars hack. Casinos have long been targeted by attackers because they make a lot of money, have potentially valuable customer data, and have historically not always been well protected. MGM itself suffered a hack in 2019 in which the data of more than 10.6 million hotel customers was stolen and eventually posted online by hackers.

But Alphv is known for being a prolific and ruthless attacker, even if its hacks don’t generate sustained coverage and discussion. As many cybercriminals do when extorting money from their victims, the gang targeted healthcare organizations and other critical institutions that hold sensitive data. Alphv is known to even publish samples of stolen data, such as intimate medical photos, in an attempt to force targets to pay the ransom.

These tactics have escalated as global law enforcement efforts have made slow progress in deterring cybercriminals and preventing victims from paying ransoms. But these gains have been undermined by tenacious and aggressive attackers bent on profit, regardless of the impact on their victims.

“While attacks on dice shops and sausage factories put ransomware in the spotlight, at least it exists. The more attention the problem gets, the more policymakers are likely to be tempted to try new tactics,” said Brett Callow, a threat analyst at antivirus company Emsisoft. “And new tactics are urgently needed. Ransomware has reached or is close to all-time high levels, so the current strategy is clearly not working.”

Law enforcement around the world, including the FBI, has long prevented victims from paying ransoms. If cybercriminals are sanctioned, governments can sometimes impose restrictions or prohibitions on a target’s ability to pay. But Callow said it may be time for the government to add more restrictions on when ransoms and extortion demands can legally be paid, given that in countries like Russia many actors operate with impunity and often cannot be effectively prosecuted.

Ultimately, the researchers suggest that while there are no easy solutions to the threat of ransomware, every high-profile incident that enters the public consciousness should serve as an opportunity to educate agencies and legislators about the reality of the risk and the need to act by proactively investing resources in improving digital defenses.

“We typically see more cases that impact the end user or consumer and make everyday activities more challenging – filling up gas, buying meat at the grocery store, hundreds or thousands of people trying to “If there’s any silver lining to these types of cases, it’s that they bring attention to the room and help more people,” said Wendi Whitmore, senior vice president of threat intelligence group Unit 42 at cybersecurity company Palo Alto Networks. “Organizations proactively learn lessons by studying these cases and closing potential gaps in their environment so that the same attacks are less successful in the future.”