Security leaders share thoughts on MGM cyberattack

Image via Unsplash

On Monday, September 11, MGM Resorts released a statement regarding a “cybersecurity issue” affecting company data. As of September 14, the resort is still working to return to a fully operational state, according to ABC. The cyberattack affected electronic doors, slot machines, elevators and ATMs.

The attack was allegedly triggered through a phone call to the resort’s help desk. The suspected attackers are also connected to an earlier cyberattack on Caesars Entertainment.

Security leaders have shared their thoughts and responses to the recent MGM breach, highlighting the need for stronger cybersecurity measures.

Nicko van Someren, Chief Technology Officer at Absolute Software

“Monday’s cyberattack on MGM Resorts emphasizes the critical importance of cybersecurity resilience in today's interconnected digital landscape. As organizations increasingly rely on technology to conduct their operations and manage the customer experience, they become more vulnerable to malicious actors seeking to exploit vulnerabilities. Cybersecurity resilience isn't just about preventing attacks; it's about having the capacity to detect, respond to and recover from such incidents swiftly and effectively. Building a robust cybersecurity resilience strategy is not an option but a necessity, to safeguard both an organization's assets and its reputation in these ever-evolving threat and competitive landscapes.”

Steve Hahn, Executive VP at BullWall

“These types of properties should view these as a “when” not “if” event and look to how to contain an outbreak within milliseconds vs solely focusing on prevention. With a prevention only focus the threat actor only needs to get it right one time. Containment tools and a disaster response plan have to be seen as “table stakes” for casinos in the modern threat world.”

Emily Phelps, Director at Cyware

“Cybersecurity is increasingly complex, in part, due to the interconnected way in which business now operates. It is more difficult to isolate an issue, leading to widespread impact. Even well-resourced enterprises deal with disparate tools, siloed teams and data and delayed response. Cybersecurity must become more collaborative to get ahead of threats that interrupt business continuity.”

Kayla Williams, Chief Information Security Officer at Devo

“These Las Vegas breaches and outages are harsh reminders that cybercriminals won’t think twice about demanding big ransom payouts. It’s also clear that even seemingly unsophisticated cyberattacks can cause a lot of damage. In addition to keeping up with hot new threats, security teams must not lose sight of the basics. Regular security reviews of the software and services supply chain, backup and restore processes, cyber awareness training, and incident response table-top exercises can help mitigate the chance others will suffer several days of downtime. If the ALPHV/BlackCat ransomware group's claim that it only took a 10-minute phone call to take MGM down is true, enhanced caller vetting and employee verification processes in the HelpDesk could have also potentially thwarted the social engineering attempt. These security measures, while seemingly basic, coupled with segregation of duties reviews and following principles of least privilege access, can go a long way in keeping companies secure.”

Taelor Daugherty is the Assistant Editor at Security magazine. Daugherty covers news affecting enterprise security leaders, from industry events to physical & cybersecurity threats and mitigation tactics. She is also responsible for coordinating and publishing web exclusives, multimedia content, social media posts, and a number of eMagazine departments. Daugherty graduated in 2022 with a BA in English Literature from Agnes Scott College.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.