MGM Resorts Ransomware Attack
MGM Resorts ALPHV/BlackCat Ransomware Attack
Cybercrime Meets Fake News
MGM Resorts, one of the world’s largest casino operators, found itself in the spotlight for all the wrong reasons in September 2023. A ransomware attack disrupted operations for days, forcing the company to take unprecedented measures as they refused to pay the ransom.
The impact was widespread. Internal networks, ATMs, slot machines, digital room key cards, and even electronic payment systems went offline.
But the real plot twist? The hacking group ALPHV took to the internet to correct media reports about their own attack: it wasn’t their ransomware attack that shut down MGM’s systems. That’s right—when the headlines got it wrong, the hackers themselves stepped in to set the record straight.
In this Deep Dive, Lieuwe Jan Koning is joined by Threat Intel Specialist Luca Cipriano and Field CTO Rob Maas to dissect the fallout from the MGM hack. They explore what steps the hackers took, how MGM’s response shaped the disruption, and—most importantly—what organizations can do to defend against ransomware attacks like this one.
Explore the Hack’s Route in Detail
Find a complete overview of the MGM Resorts Ransomware and other attacks featured in Prevent, Pay or Insure.
Your cybersecurity experts
Lieuwe Jan Koning
Co-Founder and CTO, ON2IT Group
Luca Cipriano
Threat Intel Specialist, ON2IT
Rob Maas
Field CTO, ON2IT
Episode details
MGM Resorts was left dealing with serious consequences after a cyber-attack that kicked off with a fraudulent call to their service desk.
The attack led to outages of their internal networks, ATMs, slot machines, digital room key cards, and electronic payment systems. Even TV services and phone lines were taken down, with staff having to rely on pen and paper to deal with guest requests.
In this Deep Dive, host Lieuwe Jan Koning is joined by Threat Intel Specialist Luca Cipriano and Field CTO Rob Maas as they discuss the details of the MGM hack. How was social engineering used by hacking groups to gain access to MGM’s Okta environment? And how did MGM’s own actions to try and stop the breach lead to potentially more trouble?
Enter the dynamic world of cybersecurity
Subscribe to our channels, and stay on to it!