LAS VEGAS (KTNV) — Cyber attacks can cause a business a lot of pain, especially when it loses out on potential revenues because it can’t operate properly.
That’s exactly what MGM Resorts International has been going through for over a week following its revelation on Sept. 10 that it had been hacked.
The breach has led to long wait times for hotel guests at MGM properties on the Strip and the crippling of the company’s popular rewards loyalty club.
With few details about the MGM attack known, we still don’t know what the company might have done better in order to safeguard itself, but there are steps firms can take in that area.
MORE: What is and isn’t working at MGM Resorts in wake of ‘cybersecurity’ issue
For one, companies can buy cybercrime insurance policies, which are becoming more popular, according to experts.
“There is a substantial amount of demand for cyber insurance policies,” says Gennady Stolyarov, a lead actuary with the Nevada Division of Insurance.
Stolyarov says cyber policies came onto the scene about ten years ago, meaning they’re relatively new in the insurance world. Some — though the policies would be very expensive — are even designed to help pay a ransom demand.
That’s often the goal for cyber gangs — a payout, which could easily be in the millions.
“A policy may certainly help in those kinds of situations,” Stolyarov says. “There could be some limitations or exclusions on what coverage is provided.”
Experts claim the culprits behind the MGM attack — and possibly behind a recent attack on Caesars Entertainment — are from a group commonly referred to as Scattered Spider.
Mike Del Prado, CEO of the Las Vegas information technology firm Executive Option, says he’s familiar with the group and its mode of operation.
“They’re not breaching data just to capture information,” he says. “They’re more focused on the money behind it.”
IMPACT: Tennessee couple canceled their trip to Las Vegas after news of the cybersecurity issues
So far, we know the FBI is investigating the MGM hack, but there is no confirmation that it’s also working on the Caesars breach.
As of Monday afternoon, customers still were not able to book hotel rooms through MGM’s website.