How Hackers Swindled Vegas


In the mid-2010s, cybercriminals shifted their ransomware strategy. Instead of spamming as many individual victims as possible with ransomware, criminals began targeting large organizations: hospitals, governments, hotel chains, pipeline companies—the types of victims who could pay millions, not hundreds, of dollars to regain control of their computer systems. By going after these high-value targets, they could make a lot more money while distributing a lot less malware. It was only a matter of time before the cybercriminals came for Vegas. Earlier this fall, a ransomware attack hit both Caesars and MGM Resorts.

Las Vegas casinos may be an obvious target for cybercriminals, but according to the Financial Times, the hackers’ original plan was fairly complicated: They were going to hack into the slot machines at MGM’s casinos so that they could fix the results, then hire people to go to the casinos and win money at the hacked slot machines. As it turned out, the slot machine software was apparently not so easily manipulable, according to an interview the Times conducted with one of the hackers via Telegram. Their inability to rig the slot machines forced the hackers to shift gears and resort to their backup plan: steal all of the casino’s data, encrypt it, and demand a ransom payment to return it to MGM.

The ransomware attack had its desired effect: It forced several MGM-owned casinos and hotels, including the Bellagio and the Cosmopolitan, to stop using their computers entirely and instead check in hotel guests manually and provide customers with cash payouts. Caesars, which was hit by the same attackers a few weeks earlier, reportedly avoided similar disruptions by paying a $15 million ransom (half of what was apparently a $30 million ransom demand). Caesars later disclosed the breach to the U.S. Securities and Exchange Commission in a Form 8-K filing on Sept. 7, noting that it had determined that an outside hacker had accessed the driver’s license and Social Security numbers of some of its loyalty program members. But the company made no mention of the multimillion-dollar ransom payment in the filing.

MGM, meanwhile, was unable to bring its computers back online for 10…
