Cybersecurity News in Asia

Features
- Featured
  
  Bridging the data science talent gap for national cyber defenses: Urgent action needed
  
  Monday, April 29, 2024, 10:16 AM Asia/Singapore | Features
- Featured
  
  AI adoption in India: A balancing act worth chatting about
  
  Thursday, April 25, 2024, 2:53 PM Asia/Singapore | Features, Newsletter
- Featured
  
  AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
  
  Monday, April 22, 2024, 4:40 PM Asia/Singapore | Case Study, Features
News
- Featured
  
  Understanding the “multiplier effect” of digital fraud in the region
  
  Thursday, May 2, 2024, 2:05 PM Asia/Singapore | News, Newsletter
- Featured
  
  The LockBit group may have been busted, but its code lives on
  
  Tuesday, April 30, 2024, 11:34 AM Asia/Singapore | News, Newsletter
- Featured
  
  Were cyberattackers evading detection less efficiently in 2023?
  
  Friday, April 26, 2024, 1:42 PM Asia/Singapore | News, Newsletter
Opinions
Tips
Whitepapers
Awards 2024
Directory
E-Learning

News

MGM ransomware attack is just one of five similar incidents this month

By CybersecAsia editors | Thursday, September 21, 2023, 4:29 PM Asia/Singapore

Another entertainment empire, as well as three other unnamed clients of an identity management firm, are now in the hot spot.

Following up on the MGM Resorts ransomware attack by the ALPHV group and the ongoing “negotiations” by the resort group with the attackers, word is out that social engineering was the key approach used to gain a foothold in the system.

A member of BlackCat had apparently used the identity of an MGM employee found easily on LinkedIn to contact the firm’s help desk requesting for a password change. This went without a hitch, and simple as that — the attackers were in.

With US$52m dollars (and more) estimated currently as the amount of lost revenues, the breach is expected to negatively impact the gambling and hospitality group’s credit rating. So far, MGM has not yet publicly acknowledged receiving a ransom demand, they are collaborating with the FBI and cybersecurity experts to investigate the breach and restore affected systems.

In a similar incident in the industry, Caesars Entertainment has also suffered a ransomware attack. Caesars had attributed the attack to social engineering — in the case involving an external IT vendor. Among other data, the entertainment group’s loyalty program database was stolen. Unconfirmed sources believe the same attackers (ALPHV) were involved. In this case, the firm had apparently paid at least half the demanded ransom (to the tune of tens of millions of US dollars), but had failed to get its data returned. However, their spokesperson has claimed that they “have not seen any evidence that the data has been further shared, published, or otherwise misused.”

Nevertheless, the group’s ransom payment goes against strict regulatory policies implemented by the US government’s Office of Foreign Assets Control (OFAC), which render ransomware payments a potential sanctions risk under US law.

Meanwhile, the chief security officer of the identity management company Okta, David Bradbury, has said that five of his firm’s clients, including MGM and Caesars, had been attacked since August 2023.

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Securing Industry 4.0
The world is advancing to Industry 4.0 in full swing, and this is a key …Download Whitepaper
Secure Access Service Edge (SASE) Solutions for Today’s Work-From-Anywhere (WFA) Environment
Organizations are turning to Secure Access Service Edge (SASE) solutions for securing remote work environments, …Download Whitepaper
Identity Has Breached the Ecosystem
This whitepaper explores the dual nature of identity in cybersecurity, emphasizing its role in both …Download Whitepaper
Fortanix Buyers Guide for Modern Key Management and Data Security
This document underscores the pressing challenges in key management and data securityDownload Whitepaper

Middle-sidebar-banner

Case Studies

How medical devices manufacturer Tuttnauer protects patient and personal-data safety
In running a cloud-based portal to link its smart medical equipment, the firm has also …Read more
AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
To test the safety/security of a generative AI feature, what unchartered bugs and human testing …Read more
Real estate logistics provider GLP steps up to zero trust architecture
With its physical and digital footprint growing, the global firm’s outdated legacy security stack has …Read more
Identity security woes now a thing of the past for Heng Leong Hang
The retail chain was grappling with numerous cyber risks in its IT infrastructure until it …Read more

Cybersecurity News in Asia

Featured

Bridging the data science talent gap for national cyber defenses: Urgent action needed

Featured

AI adoption in India: A balancing act worth chatting about

Featured

AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming

Featured

Understanding the “multiplier effect” of digital fraud in the region

Featured

The LockBit group may have been busted, but its code lives on

Featured

Were cyberattackers evading detection less efficiently in 2023?

MGM ransomware attack is just one of five similar incidents this month

Another entertainment empire, as well as three other unnamed clients of an identity management firm, are now in the hot spot.

Related Posts

Leave a reply Cancel reply

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Middle-sidebar-banner

Case Studies

Bottom sidebar