Social engineering: A look at the spectacular hack of MGM
by Tina Siering
This is how quickly social engineering can work. A remarkable hack hit the billion-dollar casino chain MGM, paralysing the technical infrastructure and causing disruptions within the casinos. In this article, we explain what happened and how the attackers proceeded.
The hack of the US casino chain MGM Resorts should be seen as a wake-up call for all companies, not just those in the gambling industry. The attack was an object lesson in how clever manipulation of people (social engineering) can lead to disastrous technical consequences. What happened?
The evolution of NIS policies
The cyber threat landscape has grown significantly in recent decades. In response to increasingly frequent and severe cyber attacks, the European Commission adopted the NIS1 (Network and Information Security) Directive back in 2016. This directive aimed to oblige CRITIS operators - including entities from the energy, water, finance and healthcare sectors, as well as digital service providers in the EU - to take advanced technical and organisational measures to arm themselves against cyber attacks. With the introduction of the NIS2 Directive, the EU is now stepping up its efforts and broadening the scope of security requirements to cover significantly more sectors than before.
The attack path: social engineering through a simple telephone call
The attack was preceded by an inconspicuous, ten-minute phone call. The attackers obtained the contact details of an employee via publicly visible information on LinkedIn. During the phone call with MGM's helpdesk, the cybercriminals obtained enough information to penetrate the IT structure.
Undetected access to the MGM network
By their own account, the attackers remained undetected in MGM's network for a day before they started their operations. Their first step was to encrypt important data with ransomware. After MGM's IT security team discovered the incident, the systems were shut down to prevent further damage.
Devastating effects: Ransomware and system shutdown
The impact was not limited to MGM's technical infrastructure. According to reports, the chain's reservation systems, apps and websites were affected, app-based digital door locks were affected, and cash register systems and slot machines were disrupted, especially in the hotels in Las Vegas.