A group of thieves just stole tens of millions of dollars from MGM Resorts…
Then they did the same thing at Caesars Entertainment.
This wasn’t the kind of heist the team of rogues in the Ocean’s Eleven movies pulled off. You won’t find George Clooney or Brad Pitt anywhere near the Las Vegas Strip.
Nobody cracked a safe… shoved bales of cash into black bags… or jumped into a getaway car.
Instead, the perpetrators hijacked the casinos’ computer systems.
MGM reported that everything from slot machines, restaurant payment systems, and even room cards stopped working.
MGM lost $52 million in revenues because of the digital lockout. And it paid an undisclosed sum to get everything back up and running.
But we know that Ceasars paid a reported $15 million to get its systems back. MGM likely paid a similar amount.
Nobody has taken credit for the hack…
But fingers point to Scattered Spider.
It’s a hacker group based in the U.S. and Britain. Another organization known as “ALPHV” – aka BlackCat – could be involved.
But who is responsible for the attack doesn’t matter as much as the method they used to pull it off.
The hackers installed “ransomware” into the casinos’ computer systems.
It’s a kind of computer virus that gives them control of these systems. Then they demand a ransom to return control to the casinos.
And while that may sound easy in the digital age… it isn’t.
Firewalls and IT departments are typically effective at blocking viruses.
So, like any good heist movie, there was someone on the inside…
But in this case, the inside guy has no clue what’s going on.
In their attack on MGM, the hackers used social media site LinkedIn to get the identity of an MGM worker.
Then they called MGM’s help desk posing as that worker and asked for a password change.
That was it. They were in.
It’s not just the casino industry that’s been hit with these attacks…
In May 2021, a cyberattack against the Colonial Pipeline led to a five-day shutdown.
It’s the largest pipeline system for refined oil products in the U.S. The pipeline spans 5,500 miles and can carry about 3 million barrels of fuel a day between Texas and New Jersey.
It led to gas shortages in 17 states, which lasted for weeks.
Then, in July 2023, HCA Healthcare – which runs 186 hospitals across 21 states – reported a major customer data breach. Eleven million patients across 20 states had their data stolen.
Most of these attacks don’t make the nightly news…
But their costs add up…
The FBI reported that cyberattacks cost more than $10 billion in the U.S. last year.
Companies aren’t just sitting idly by.
A recent survey by Nuspire shows that nearly 60% of large companies are increasing their cybersecurity budget. And 40% plan for further increases.
And even with this increased spending, 60% of survey respondents still believe they’re at a high risk of a cyberattack.
It’s one of the reasons cybersecurity folks are so excited about AI…
Artificial intelligence (“AI”) systems excel at detecting patterns in large quantitates of data that humans can’t see.
This help can scan computer networks for signs of wrongdoing in real-time.
And it results in improved accuracy in detecting and preventing malware attacks.
AIs can also monitor phone calls and perform voice matching. This can help stop the kind of scam that gave hackers access to MGM’s computer systems.
Cybersecurity firms are even using generative AI systems similar to ChatGPT to protect against these kinds of attacks.
Crowdstrike is a leading cybersecurity firm. In May, it launched its Charlotte AI. It’s a generative AI security analysis tool. It allows users to ask simple questions and obtain real-time data on a company’s security vulnerabilities.
You can ask Charlotte about the most recent threat – say, ransomware attacks on casinos. And Charlotte can tell you everything there is to know about who the potential perpetrators are… and how you can shore up your systems against such an attack.
That’s on top of services like automated threat detection and data collection.
That’s why the AI megatrend is so powerful…
It’s not just about asking ChatGPT to write a school essay… compose a funny poem… or help you write a resume.
AIs can also provide real-time threat assessment and address vulnerabilities in a security network.
And for companies, that can mean the difference between being a victim of an expensive cyberattack and staying safe… and potentially saving millions of dollars as a result.
It’s one more part of the expanding AI story we’ve been exposing in these pages… and one more reason not to overlook the biggest investment trend since the rollout of the internet.
Regards,
Chris Lowe
Editor, The Daily Cut