Science and TechData Privacy and Cybersecurity

Actions

MGM Resorts cyberattack won't be the last; how to protect yourself

Attacks on MGM Resorts and Caesars took vacationers by surprise, but security experts predict more are coming, and show how to best protect yourself.
Posted
and last updated

If you've recently traveled to a casino or are planning a trip soon, you probably have followed the cyberattacks against MGM Resorts and Caesars. But travelers should be aware because security experts say those cyberattacks will not be the last.

Davina Koss has just flown home from a trip to Las Vegas that she will never forget.

"We tried to get player's cards," she said, "but they said they couldn't do that because everything was down."

A massive cyberattack made for a frustrating casino visit.

"People were just sitting at their slot machines waiting for their cash out, because you had to get cash," Koss.

MGM Resorts back online 10 days after cyberattack
Cars pass the MGM Grand hotel-casino

MGM Resorts back online 10 days after cyberattack

Up until now, people had not been able to make hotel and casino reservations online. Previously, guests couldn't use their room keys.

LEARN MORE

The attack did not just impact MGM casinos, however. Many services were down at Amber McCarthy's hotel.

"No TVs worked in our room," she said, "and there was no electric at the restaurants. They would only accept cash."

MGM, however, is hardly the first company facing a cyberattack this year, and it won't be the last.

Even Clorox was recently targeted, leading to temporary product shortages.

Cyberattacks increasing in 2023

Data security company Check Point reports an 8% rise in weekly attacks for the second quarter of this year, the most significant surge in the last two years.

"I would not be answering a single email if it came from MGM right now because the hackers are gonna be brand impersonating," said Pete Nicoletti, global chief information security officer of Check Point.

Nicoletti says recent attacks are raising new concerns about a powerful tool in cyberattacks called social engineering, which targets an employee or person associated with the company, not a weakness in the system. Often, they pretend to be employees who have lost their passwords and contact the company's help desk.

"98% of successful attacks involve some aspect of social engineering," he said.

So how can you protect yourself? Check Point says:

- When you learn of a cyberattack, monitor your banking and credit card information.

- Be on alert for phishing emails, texts or voice calls designed to trick you into sharing information.

- Check your credit report periodically.

In the meantime, security experts say recent visitors to MGM Resorts hotels should watch their credit card statements closely, just in case of suspicious charges.