A Grand Attack: How The MGM Resort Cyberattack Shook The Hospitality Industry

In the bustling world of entertainment and hospitality, few names carry as much weight as
MGM Resorts. However, the recent cyberattack on their Las Vegas properties sent shockwaves through the industry and raised concerns about the vulnerabilities businesses face in the digital age. Let’s dig into the attack and its far-reaching impact on both MGM and the greater hospitality industry.

Small Gamble, Big Win

Las Vegas: a city of lights, glitz, glamor, and above all: money. Like any other night, there’s entertainment and excitement around every corner for guests at the MGM Resorts, the powerhouse behind high roller casinos like MGM Grand, Bellagio, Aria, and Cosmopolitan on the strip. Behind the scenes, a different story was unfolding.

While its resorts, casinos and sportsbooks are technologically advanced for guests’ comfort and employee efficiency, it started working against them as soon as a Service Desk employee picked up a seemingly innocuous phone call. In blinding speed, this “vishing” phone call from a cyberattacker triggered a cascading series of disruptions that reverberated through all the different MGM properties.

By the end, MGM paid out the $15 million ransom to the hacker group that claimed responsibility, known as Scattered Spider or UNC3944, and believed to be associated with the larger ALPHV ransomware group. While it might seem like a small amount, MGM’s hesitation to respond and inability to respond to the attack is estimated to have cost them around $84 million dollars in revenue, not to mention missed profits from customer dissatisfaction and lowered business.

Beyond The Casino Floor: Digging Into The Business Impact

In days, anything connected to the resorts’ networks nationwide were affected and shut down, including MGM websites and apps, check in systems, ATMS, electronic room keys, slot machines, and even elevators. Gradually, some systems returned, including resort amenities, dining, entertainment, pools, and spas, but some systems remained affected for a far longer period of time than comfortable.

Key Takeaways: Don’t Gamble With Cybersecurity

The MGM Grand cyberattack serves as a stark reminder that no organization is immune
to evolving cyber threats, especially when it comes to big cash businesses. As the hospitality sector leans increasingly on technology, enhancing cybersecurity measures becomes not just a choice but a necessity.

Know Your Limits

The MGM Grand cyberattack underscores the vulnerabilities that businesses face in today’s interconnected digital landscape. By drawing lessons from this incident and investing in robust cybersecurity measures, organizations can safeguard their operations and uphold their reputation in an era of increasing cyber risks.