The MGM Grand Cyberattack: A Case Study in Human Error and Corporate Risk

The ransomware group ALPHV, also known as BlackCat, has reportedly compromised MGM Grand casinos, affecting the company’s operations across multiple states in the U.S. According to malware archive vx-underground, the group used social engineering to breach the company’s computer systems within just 10 minutes: they found an employee on LinkedIn and made a phone call to the Help Desk to gain access. The attack disrupted various services, including reservation systems, casino floors, and even the company’s website. MGM Grand is valued at approximately $33.9 billion, and it has been suggested that the company will not meet the ransom demands. The FBI is aware of the ongoing situation; the extent of the damage is still being determined, and investigations are still in progress.

Importance of Cybersecurity to Small and Medium Businesses:

The MGM case serves as a cautionary tale for small and medium-sized businesses (SMBs) in several ways:

Human Element: The weakest link in this major cyberattack was a human—someone who had the ability to provide attackers with access. SMBs often overlook the human aspect of security, but training employees to recognise social engineering tactics can be just as important as installing firewalls and encryption tools.

Speed of Compromise: The attackers were able to gain access in just 10 minutes. Speed is of the essence in cybersecurity, and SMBs need to have protocols in place to quickly identify and neutralise threats.

Multi-Location Impact: The attack was not localised; it affected MGM Grand’s operations in multiple states. SMBs may also operate in different locations or even just online, and a cyberattack could have wide-reaching effects.

Downtime Costs: For a business like a casino, downtime directly translates into lost revenue. SMBs are similarly vulnerable, as even short periods of downtime can be disastrous for smaller operations that don’t have the resources to recover quickly.

Reputation Damage: MGM Grand is a well-known entity, and this attack may tarnish its reputation, potentially leading to loss of business. SMBs, whose customer base may already be limited, can ill afford such reputational damage.

Regulatory Consequences: Businesses of all sizes may be subject to fines or legal actions if found to be negligent in securing customer data.

Ransom Considerations: SMBs often have fewer resources and may be more inclined to pay ransoms, making them attractive targets for ransomware attacks.

Expert Opinion: Professionals in the cybersecurity industry have noted that no sector is immune. Being complacent, thinking that a certain type of business wouldn’t be targeted, is not an option.

In summary, the MGM Grand cyberattack underscores the critical importance of cybersecurity for businesses of all sizes, including SMBs, and the necessity of considering the human element as a significant security risk.