Caesars Entertainment – one of the most important casino hotel chains in the world, owner of properties such as the Caesars Palace hotel in Las Vegas – has paid “tens of millions of dollars” to cybercriminals who threatened to disclose confidential data.
He reports it Bloomberg explaining that the attack was perpetrated by a group called Scattered Spider (also known as UNC 3944), known for its skills consisting of social engineering techniques (methods aimed at obtaining personal information through deception) to bypass security measures.
It is not the first attack of this type carried out against these large hotel chains, and a similar attack was also carried out against the gaming giant’s systems MGM Resorts.
Among the members of the hacker group, there would be people residing in the United Kingdom and the USA, some even very young (19 years old). Caesars was targeted on August 27, somehow managing to gain access to the network.
The cybercriminals threatened to leak data from the facilities in recent weeks, citing two people familiar with the matter. When it happened it had stock market consequences for both Caesars Entertainment and MGM.
The Scattered Spider group has been active since May 2022, and according to how reports the Trellix site has already attacked telephone companies and service companies. As mentioned, the group uses social engineering techniques to induce users to provide their login credentials and OTP (one-time-password) codes to bypass multi-factor authentication (this is what emerges from analyzes carried out by the security company Crowdstrike in a blog post in January).
“While the group’s members may be less experienced and younger than many of the multifaceted extortion/ransomware groups and state espionage actors, they pose a serious threat to large organizations in the United States,” said Charles Carmakal, chief technology officer by Alphabet’s Mandiant Intelligence.
Casinos are an attractive target for ransomware cybercriminals due to their obvious financial standing and dependence on business operations (operational disruption can cost millions of dollars).
For all the news dealing with computer security we refer readers to the dedicated section by macitynet.