On Sunday 10th September, Vegas giants MGM Resorts International fell victim to a cyberattack which led to chaos in venues across the city and in a handful of other MGM properties around the USA.
Operational issues faced included some slot machines going out of service, reservation system failures and parking and hotel key cards failing to work. This made it difficult for guests to enjoy their trips.
Established ransomware groups ALPHV/Black Cat and Scattered Spider have both claimed responsibility for the attack. The incident was reportedly caused by hackers who impersonated an MGM employee they found on LinkedIn and called staff IT desks to gain entry to the MGM systems.
The Price Of Cybercrime
As a result, MGM could have lost up to $8.4 million, or 10% to 20% of daily revenue, for each of the nine days that their systems were disrupted.
Another hotel and casino chain, Caesars Entertainment, also suffered an attack a few weeks prior. To regain control of their systems and prevent hackers from selling stolen data, Caesar’s paid the hackers $15 million, half of a $30 million ransom.
What Can Small Businesses Do?
Although MGM and Caesars are large corporations, the ways in which they may have been compromised by hackers simply calling front line workers could happen to a business of any size.
Small businesses should take the following steps to protect against costly and brand-damaging cyber attacks.
- Invest in up-to-date cyber security training for staff
- Invest in cyber insurance
- Have good manual processes for smoother operations in case a system is compromised
Read The Brand Protection Blueprint For Small Businesses to learn more about protecting your business from cybercrime and hijacking.
Follow me on LinkedIn. Check out my website.