Skip links

THE 10 MINUTE PHONE CALL THAT CAUSED $110 MILLION IN DAMAGES

Cyber attacks are everywhere.  The list of IMB’s that have been hit is growing – Loan Depot, Mr Cooper, Fairway and Planet Home Lending to name a few.

Perhaps the most high profile attack in recent history was launched against MGM and Caesars casino properties last year.  It brought Las Vegas to a standstill for weeks.  This was an especially brutal Ransomware attack. It not only made casino floor games inoperable (slots) but also locked hotel guests out of their rooms (digital keys didn’t work). It also made POS and ATM transactions unavailable nationwide at all properties and crippled online reservation systems.  Millions of player’s confidential information was compromised.  MGM lost over $120 million dollars and suffered a public relations nightmare. Caesars quietly paid the $15mm ransom and continued business as usual but MGM did not. They decided to shut their entire systems down and essentially re-create them.  This historic hack was accomplished via a 10 minute phone call.

How they did it

According to press releases, these properties had high security measures built into their systems.   Hacker groups ALPHV and Scattered Spider brought Vegas to its knees. They simply went onto LinkedIn and found mid level IT Help Desk employees at the various casinos.  Once they had this information, they called the right person and claimed to be a casino employee who was locked out of their account and needed a new password.  They were clever enough to speak the lingo and convincing enough to achieve the goal.  That’s it!  It was that simple.  Once they had new passwords to the systems, it was over.

Moral of the story is – it’s not enough anymore to employ the best minds in Cyber Security. Even if you have multi factor authentication and all the other built in protections, your organization can be brought down by one teeny tiny mistake by a well meaning employee working in IT.

Cyber hackers love LinkedIn.  Not only has the social media giant been the victim of numerous attacks, but member information has been used to undertake other crimes as outlined in the MGM incident.  According to an April 2022 report, LinkedIn even overtook international shipping company DHL as the most targeted brand.

Be vigilant

Have regular security meetings with every employee who has a digital sign on to your organization. Employ experienced Cyber Security professionals who will stay up to date on the latest infiltration threats and execute measures to defeat them.  According to an article today by Richey May, “adversaries live on a network and within an organization on average, for 285 days before detection.”  Let that one sink in.