LAS VEGAS (KTNV) — Five people are facing federal charges in connection with a notorious hacker group believed to be behind a string of high-profile cyber attacks, including the ones that crippled MGM Resorts and Caesars Entertainment in September of 2023.
“Linkedin is a great tool and resource, everyone networks on there. It’s also a bad actor's best friend,” said Patrick Harr, CEO of SlashNext.
Unfortunately for MGM Resorts International, that’s all it took. In September of 2023, hackers accessed MGM’s systems by impersonating a company employee on the networking site and then calling the MGM IT help desk to access the network.
“There’s many different ways to get into the network and once you do that, all bets are off,” Harr said.
A few weeks earlier, Caesars Entertainment was also attacked by hackers, who compromised the customer loyalty database, which included the social security and driver's license numbers of millions of customers.
“The ransomware actors are constantly looking for where’s the biggest impact that they can get the biggest ransom from,” Harr said.
On Wednesday, the U.S. Attorney's Office for the central district of California announced indictments revealing that the group was operating under the name ‘Scattered Spider.’ The group targeted at least 100 organizations and stole millions of dollars in cryptocurrency.
The defendants, aged 20 to 25, face charges of conspiracy, wire fraud, and identity theft.
Although the release did not directly name MGM or Caesars, cybersecurity reports confirm the group’s involvement in both attacks.
“If you think about the amount of money that transfers inside of MGM or Caesar’s on a daily basis, just one hotel, one casino, let alone all the other ones, that's a huge disruption to their environment so they know if they’re able to hijack those systems, that that ransom is more likely to be paid,” Harr said.
The attacks caused massive disruptions at both casinos. Caesars reportedly paid a $15 million ransom to the hackers, while MGM refused to negotiate, ultimately facing an estimated $100 million in damages.
MGM’s systems were so severely impacted that employees had to resort to manual methods to check in guests and process reservations.
“At the end of the day, this is highly profitable so these types of groups operate much like another corporation where it’s all about making money,” Harr said.
While authorities are still piecing together the full scope of the operation, Harr says the arrests are a significant step in tackling the growing threat of sophisticated cybercriminals.
