The Caesars ransomware attack and the MGM cyber attack are thought to be the work of the same threat actor conducting a series of cyber attacks targeting casinos and hotels in Las Vegas.
Reports confirm that Caesars Entertainment Inc., the company behind Caesars Palace in Las Vegas, is the first victim of the series of cyber attacks, followed by MGM as the second.
The hospitality and entertainment business has reportedly succumbed to the demands of the threat actors who infiltrated the Caesars Entertainment network by paying a ransom.
While insider reports suggest that the ransom amount paid by Caesars Entertainment could be as high as $30 million, the company has not officially confirmed the exact ransom amount.
This move is believed to be under duress following the threat of sensitive data exposure in the Caesars ransomware attack.
What We know About the Caesars Ransomware Attack
According to Cybernews, some known sources claim that Caesars is preparing to disclose this Caesars ransomware attack in an upcoming regulatory filing.
This development comes in close succession to a similar breach experienced by MGM Resorts International.
Evidence suggests that the cyber-attack sequence may have been underway for several weeks, though it only came to public attention after the MGM incident.
The ALPHV ransomware group, AKA the BlackCat group, is suspected of orchestrating these targeted cyber attacks on hotels and casinos in Las Vegas.
The Cyber Express has also reached out to Caesars Entertainment to learn more about this Caesars ransomware attack. However, at the time of writing this, no official statement or response has been received from the company.
Providing a different perspective of the hackers who launched the Caesars ransomware attack and MGM cybersecurity incident, insiders propose that both MGM and Caesars may have been targeted by a relatively lesser-known hacking group known as “Scattered Spider.”
In contrast to prior assumptions, this group, rather than ALPHV/BlackCat, is believed to be responsible for the attacks on both entertainment giants.
With Caesars Entertainment and MGM falling victim to cyber attacks, concerns arise over potential next targets in the casino and hotel industry. While no specific information points to future victims, heightened security measures are advisable across the sector to thwart further attacks and protect sensitive data.
Were Caesars Entertainment, MGM Cyber Attacks Planned During DEFCON in Las Vegas?
An online theory draws connections between the Caesars ransomware attack, the MGM breach, and the DEFCON hackers conference, held at Mandalay Bay, an MGM property, precisely one month before the cyber attack.
While speculative, this theory contributes an additional layer of inquiry to the narrative of the MGM cyber attack.
The DEFCON conference is one of the world’s largest and most well-known hacking conferences. It’s an annual event held in the United States, typically in Las Vegas, Nevada.
DEFCON unites hackers, cybersecurity experts, tech enthusiasts, and those with a keen interest in technology and security. In DEFCON 2023, chatbots and artificial intelligence became the hot topic where hackers tested their skills against system vulnerabilities.
In one of the events at the conference, hackers were able to trick chatbots into revealing credit card numbers and other information that was supposed to be protected by the same system.
It’s important to clarify that the recent MGM cyber attack, the Caesars incident, and DEFCON 2023 are merely connected by speculation at this point, with no concrete evidence linking them together.
In the case of the MGM cyber attack, the business establishment reported outages within the systems where guests experienced check-in issues and extended wait times in digital key card access, slot machines, ATMs, and paid parking systems, which were all affected by the cyber attack.
Moreover, The Cyber Express reported the MGM cyber attack which was more like a simple intrusion instead of a sophisticated cyber-attack.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
