[ad_1]
Mandalay Bay is a 43-story luxury resort and casino at the south end of the Las Vegas Strip. It is operated by MGM Resorts International.
Credit – Kris1123, CC SA 3.0.
A recent cyberattack on the MGM Grand Casino is a reminder of the growing challenges in the realm of cybersecurity. The group that run Caesars casinos were also targeted by the same hacker group.
MGM international disclosed that it is dealing with a cybersecurity issue that impacted some of its systems. The $14 billion rated company operates hotel and gaming venues around the world, notably in Las Vegas. With the incident, the hacker group ALPHV was able to social-engineer their way into the company’s systems in 10 minutes.
Looking into the matter for Digital Journal is David Mound, Senior Penetration Tester at SecurityScorecard.
Mound looks at how the events of the cybersecurity incident have unfolded: “When MGM noticed something was off, they immediately took their systems offline. This quick action just goes to show how vital a strong incident response strategy is. By being proactive, you can seriously limit the damage an attack might cause.”
However, proactivity does not detract from the magnitude of the incident, as Mound points out: “Now, the sheer magnitude of this attack suggests that they’re dealing with some pretty advanced and possibly very skilled cyber criminals. It’s a wake-up call for businesses to always be on their toes and keep updating their security measures in order to stay one step ahead of these ever-changing threats.”
Mound also provides further details about the attack specifics, observing: “One of the more alarming aspects of this attack was how it messed with the casino’s slot machines. Slot machines are usually on a segregated network so it’s not clear if they were taken down as a precaution or if somehow the attackers have managed to traverse across into it. This really drives home the point that cyberattacks can throw a wrench into the most crucial parts of a business, potentially causing massive financial setbacks.”
There are lessons that the wider business community can draw from this incident. These are put forward by Mound, beginning with: “Layer up your security! Think firewalls, intrusion detection systems, and regularly checking for vulnerabilities.”
Mound also places an emphasis upon pre-planning, noting: “Have a solid game plan in place for when things go south. This means a comprehensive incident response plan that lets you act swiftly if there’s a breach.”
This extends to personnel, as Mound recommends: “Train your team. Make sure everyone knows about the risks of phishing and other sneaky tactics, because sometimes, human mistakes can be the weakest link.”
Another important mitigation is with data back-up: “Always, and I mean always, back up your essential data. If you’re hit with ransomware, this could be your lifeline. And last but not least, team up with the cybersecurity community. Sharing info on threats and best practices can make a huge difference.”
[ad_2]
Source link
