On September 11, cyberattacks on Caesars Entertainment and MGM Resorts attracted worldwide attention. The companies’ global operations, share prices – and possibly credit ratings – were severely impacted.
After three days of being paralyzed, Caesars purportedly shelled out $15 million to the hacking group Scattered Spider, also known as Roasted 0ktapus or UNC3944.
The method of attack against MGM: ransomware-as-a-service (RaaS) made by ALPHV, or BlackCat, and social engineering by impersonating an employee they found on LinkedIn in a call known as “vishing” (“voice” plus “phishing”) to MGM’s IT help desk. Vishing gained attackers login credentials or a one-time password to bypass multifactor authentication and enter the system.
View entirety: The Maritime Executive