(RepublicanReport.org) – A cybercrime group that has been targeting large corporations for two years recently struck two Las Vegas casinos, leaving some people wondering whether the FBI will ever make any arrests. They want to know why the attacks are being allowed to continue even though investigators have a list of suspects.
Caesars Entertainment, Inc. and MGM Resorts International both filed SEC reports in early September, each stating that they had identified suspicious activity in their information technology (IT) networks. Caesars stated that it immediately made efforts to beef up security and contain the issue. The company also insisted that it took action to see that the hackers deleted the stolen data, although it didn’t offer any further details. According to The Wall Street Journal, it paid about $15 million in ransom with the assurance that the attackers wouldn’t use the information they lifted.
As an additional safety measure, Caesars offered members of its loyalty program, who are all potential victims, a year of free credit monitoring and identity theft protection. It also assured members that it had taken steps with its IT department to ensure the company doesn’t experience a similar attack. The hackers reportedly gained access to the company’s database, which contains many members’ Social Security and driver’s license numbers, by using social engineering schemes.
The ploy was deceptively simple. Someone from the ring contacted Caesar’s outsourced IT support desk, claiming to be an employee who needed their password changed.
MGM, which suffered a similar attack, reportedly refused to pay the ransom. Instead, it chose to shut down IT operations until it could ensure its systems were secure. The decision caused disruptions in hotel and casino operations for a few days, but the company has since returned to business as usual.
The Washington Post reports that the suspects belong to a group called Scattered Spider. It’s affiliated with another hacking group called ALPHV, which is known for deploying ransomware with its attacks and has connections to other, similar groups via a larger hacking community called the Com.
Copyright 2023, RepublicanReport.org