security

Two Vegas casinos fell victim to cyberattacks, shattering the image of impenetrable casino security – Tech Xplore


This article has been reviewed according to Science X’s editorial process
and policies.
Editors have highlighted the following attributes while ensuring the content’s credibility:

fact-checked

reputable news agency

proofread


An error message is displayed on a machine at MGM Grand in Las Vegas, Tuesday, Sept. 12, 2023. MGM Resorts said a cybersecurity attack began Sunday, affecting reservations and casino floors in Las Vegas and other states. Credit: K.M. Cannon/Las Vegas Review-Journal via AP

× close


An error message is displayed on a machine at MGM Grand in Las Vegas, Tuesday, Sept. 12, 2023. MGM Resorts said a cybersecurity attack began Sunday, affecting reservations and casino floors in Las Vegas and other states. Credit: K.M. Cannon/Las Vegas Review-Journal via AP

A persistent error message greeted Dulce Martinez on Monday as she tried to access her casino rewards account to book accommodations for an upcoming business trip.

That’s odd, she thought, then toggled over to Facebook to search for clues about the issue on a group for MGM Resorts International loyalty members. There, she learned that the largest casino owner in Las Vegas had fallen victim to a cybersecurity breach.

Martinez, 45, immediately checked her bank statements for the credit card linked to her loyalty account. Now she was being greeted by four new transactions she did not recognize—charges that she said increased with each transaction, from $9.99 to $46. She canceled the .

Unsettled by the thought of what other information the hackers may have stolen, Martinez, a publicist from Los Angeles, said she signed up for a credit report monitoring program, which will cost her $20 monthly.

“It’s been kind of an issue for me,” she said, “but I’m now monitoring my credit, and now I’m taking these extra steps.”

Readers Also Like:  Nuclear engineering program incorporates career development - Inside Higher Ed

MGM Resorts said the incident began Sunday, affecting reservations and casino floors in Las Vegas and other states. Videos on showed video slot machines that had gone dark. Some customers said their hotel room cards weren’t working. Others said they were canceling their trips this weekend.


The Las Vegas Monorail passes by MGM Grand, April, 27, 2006, in Las Vegas. A “cybersecurity issue” led to the shutdown of some casino and hotel computer systems at MGM Resorts International properties across the U.S., a company official reported Monday, Sept. 11, 2023. Credit: AP Photo/Jae C. Hong, File

× close


The Las Vegas Monorail passes by MGM Grand, April, 27, 2006, in Las Vegas. A “cybersecurity issue” led to the shutdown of some casino and hotel computer systems at MGM Resorts International properties across the U.S., a company official reported Monday, Sept. 11, 2023. Credit: AP Photo/Jae C. Hong, File

The situation entered its sixth day on Friday, with booking capabilities still down and MGM Resorts offering penalty-free room cancelations through Sept. 17. Brian Ahern, a company spokesperson, declined Friday to answer questions from The Associated Press, including what information had been compromised in the breach.

By Thursday, Caesars Entertainment—the largest casino owner in the world—confirmed it, too, had been hit by a cybersecurity attack. The casino giant said its casino and hotel computer operations weren’t disrupted but couldn’t say with certainty that personal information about tens of millions of its customers was secure following the data breach.

The that triggered an FBI probe shatter a that casino requires an “Oceans 11”-level effort to defeat it.

“When people think about security, they are thinking about the really big super-computers, firewalls, a lot of security systems,” said Yoohwan Kim, a computer science professor at the University of Nevada, Las Vegas, whose expertise includes network security.

Readers Also Like:  U.S. Tech Espionage Team Unveils First Cases Involving China and ... - The New York Times


People walk by the MGM Grand hotel-casino Wednesday, Sept. 13, 2023, in Las Vegas. A “cybersecurity issue” led to the shutdown of some casino and hotel computer systems at MGM Resorts International properties across the U.S., a company official reported Monday, Sept. 11, 2023. Credit: AP Photo/John Locher

× close


People walk by the MGM Grand hotel-casino Wednesday, Sept. 13, 2023, in Las Vegas. A “cybersecurity issue” led to the shutdown of some casino and hotel computer systems at MGM Resorts International properties across the U.S., a company official reported Monday, Sept. 11, 2023. Credit: AP Photo/John Locher

It’s true, Kim said, that casino giants like MGM Resorts and Caesars are protected by sophisticated—and expensive—security operations. But no system is perfect.

“Hackers are always fighting for that 0.0001% weakness,” Kim said. “Usually, that weakness is human-related, like phishing.”

Tony Anscombe, the chief security official with the San Diego-based cybersecurity company ESET, said it appears the invasions may have been carried out as a “socially engineered attack,” meaning the hackers used tactics like a phone call, text messages or phishing emails to breach the system.

“Security is only as good as the weakest link, and unfortunately, as in many cyberattacks, is the method used by cybercriminals to gain the access to a company’s crown jewels,” Anscombe said.

As the security break-ins left some Las Vegas floors deserted this week, a hacker group emerged online, claiming responsibility for the attack on Caesars Entertainment’s systems and saying it had asked the company to pay a $30 million ransom fee.


A man takes pictures of Caesars Palace hotel and casino in Las Vegas, Jan. 12, 2015. Casino company Caesars Entertainment has joined Las Vegas gambling giant MGM Resorts International in reporting a recent cyberattack. But while MGM Resorts computer systems were still down, Caesars told federal regulators on Thursday, Sept. 14, 2023, that its casino and online operations were not disrupted. Credit: AP Photo/John Locher, File

× close


A man takes pictures of Caesars Palace hotel and casino in Las Vegas, Jan. 12, 2015. Casino company Caesars Entertainment has joined Las Vegas gambling giant MGM Resorts International in reporting a recent cyberattack. But while MGM Resorts computer systems were still down, Caesars told federal regulators on Thursday, Sept. 14, 2023, that its casino and online operations were not disrupted. Credit: AP Photo/John Locher, File
Readers Also Like:  Revolutionising security: IDEMIA's biometric tech tested at Redstone ... - SourceSecurity.com

It has not officially been determined whether either of the affected companies paid a ransom to regain control of their data. But if one had done so, the experts said, then more attacks could be on the way.

“If it happened to MGM, the same thing could happen to other properties, too,” said Kim, the UNLV professor. “Definitely more attacks will come. That’s why they have to prepare.”



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.