On September 11, 2023, MGM Resorts International, one of the world’s largest gaming and entertainment companies, was hit by a cyberattack. The attack forced the company to shut down systems at some of Las Vegas’ most popular gambling venues, including the Bellagio, Aria, and Cosmopolitan.
The attack also disrupted operations at MGM Resorts properties in other parts of the United States, including Maryland, Massachusetts, Michigan, Mississippi, New Jersey, New York, and Ohio.
The full extent of the attack is still under investigation, but it is believed to have been carried out by a ransomware gang known as BlackCat. Ransomware encrypts files and demands a ransom for the decryption key.
MGM Resorts has not disclosed whether it paid a ransom to BlackCat, but the company did say that it was able to restore its systems from backups.
What impact did the cyberattack have on Las Vegas?
The cyberattack caused significant disruptions to Las Vegas’ tourism industry. Many hotels and casinos were forced to close restaurants, bars, and other amenities. Some casinos also had to shut down their slot machines and table games.
The attack also made it difficult for guests to check in and out of hotels. Many casinos had to revert to using manual check-in and check-out procedures.
The cyberattack also had a negative impact on Las Vegas’ economy. The city lost millions of dollars in revenue as a result of the disruptions.
What are the key takeaways from the Las Vegas cyberattack?
The Las Vegas cyberattack is a reminder that even the largest and most sophisticated companies are vulnerable to attack. It is also a reminder that the consequences of a cyberattack can be far-reaching, especially for businesses that rely on technology to operate.
Here are some key takeaways from the Las Vegas cyberattack:
- Cyberattacks are becoming more common and sophisticated. Businesses of all sizes need to be prepared for the possibility of a cyberattack.
- Ransomware is a particularly dangerous type of malware. Businesses need to have a plan in place for dealing with a ransomware attack.
- Backups are essential. Businesses need to back up their data regularly so that they can restore it in the event of a cyberattack.
- Businesses need to educate their employees about cybersecurity best practices. Employees should be aware of the different types of cyberattacks and how to protect themselves.
How can businesses protect themselves from cyberattacks?
Businesses can take several measures to safeguard themselves against cyberattacks, such as:
- Implement a security awareness program. Employees should be trained on the different types of cyberattacks and how to protect themselves.
- Keep software up to date. Software updates often include security patches that can help to protect systems from known vulnerabilities.
- Use strong passwords and multi-factor authentication. Strong passwords and multi-factor authentication can help to prevent unauthorized access to systems.
- Backup data regularly. Backups should be stored offline or in the cloud so that they cannot be accessed by attackers.
- Establish a response strategy for cyberattacks, encompassing actions for detection, containment, and recovery.
By following these steps, businesses can help to protect themselves from the risk of cyberattacks.
The Las Vegas cyberattack is a reminder that even the largest and most sophisticated companies are vulnerable to attack. Businesses of all sizes need to be prepared for the possibility of a cyberattack and have a plan in place for responding to one.
There are a number of things that businesses can do to protect themselves from cyberattacks, including implementing a security awareness program, keeping software up to date, using strong passwords and multi-factor authentication, backing up data regularly, and having a plan in place for responding to cyberattacks.
By following these steps, businesses can help to protect themselves from the risk of cyberattacks and their negative consequences.