MGM Resorts International suffered from a data breach this week. The security experts believed that the hackers responsible for the attack deployed social engineering.
While the identity of the threat actors was still unknown at the time, a person familiar with the matter said that the cyberattack was linked to a Western hacking group dubbed Scattered Spider.
MGM Resorts Cyberattack
US law enforcement officials believed that the MGM Resorts cyberattack was breached by Scattered Spider, a popular gang of hackers.
In a report by Bloomberg, Okta's chief security officer David Bradbury previously warned the companies in August that the hackers used a similar technique in the form of "low-tech social engineering."
The hackers are also touted to mimic the users on the IT networks to infiltrate the database.
The former advisory from Okta suggests that the hackers penetrated the IT service desk and deceived the staff to reset the multifactor authentication settings.
Bradbury adds that the staff was clueless about the identity of the hackers behind the attack. However, there's a clear lead about the name of the gang that recently breached MGM Resorts.
Related Article: Rotterdam: Europe's Largest Port Targeted in Cyberattack Linked to Pro-Russian Hackers
Scattered Spider Could Be the Culprit Behind MGM Attack
In another report by Reuters, US law enforcement officials said that two unnamed sources knew the possible suspect behind the MGM data breach.
The authorities pointed to the Scattered Spider, a notorious hacking group that had successfully taken down the casino firm.
To stabilize MGM's servers, the staff temporarily shut down the systems to contain the ongoing breach. The company's management is currently investigating the issue.
Going back to the Bloomberg report, Caesars Entertainment, another gaming giant, confirmed that they already sent payment to hackers in fear of leaking their data to the public.
When the cyberattack hit MGM and Caesars Entertainment, the shares of the two companies dropped.
"We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result," Caesars said in the filing.
Scattered Spider is a Master of Social Engineering
For those who are unfamiliar with the Scattered Spider persona, the group is also known as UNC3944. Bloomberg says that the members of the cybercrime gang originated from the UK and the US.
Additionally, cybersecurity analysts say that some members are even younger than 20 years old. Apart from that, they are reportedly operating with ALPHV, another group notorious for ransomware deployment. This gang is composed of Russian threat actors.
According to Bradbury, he expects the hackers to surface soon so he would know how to improve their cybersecurity defenses.
For Bradbury, the Scattered Spider is composed of highly skilled hackers who have expertise in identity technology.
Earlier this month, NXP semiconductors alerted the customers that a cybersecurity breach could have exposed millions of personal information.
According to Tech Times, the hackers could have exploited phishing attempts to carry out their attacks on the clients.
Read Also: MSI Cyberattack Confirmed and Described as 'Network Anomalies': Here's What Happened
