Others

"Social engineering’ proves powerful tool in casino cyberattacks", experts say

Monday 18 de September 2023 / 12:00

⏱ 3 min read

(Las Vegas).- The apparent cyberattack that hobbled MGM Resorts International this past week is the latest in a string of high-profile security breaches to befall Las Vegas casinos in recent months.

"Social engineering’ proves powerful tool in casino cyberattacks", experts say

As MGM deals with what it has called a “cyber issue,” the gaming and hospitality giant apparently hasn’t been the only one to be targeted by potentially devastating cyber criminals lately. Caesars Entertainment also paid tens of millions to hackers to prevent them from releasing stolen data, Bloomberg reported Wednesday.

But the casinos have always been targets for robbers, fraudsters, hackers and, of course, cheaters. It’s just the way they’re being targeted that continues to evolve, experts say. Which means the gaming industry as a whole will have to keep evolving to avoid being further victimized by such high-stakes shakedowns.

Hackers claiming responsibilty for the MGM outage claimed they compromised the company’s infrastructure through simple social engineering, rather than unleashing ransomware.

The hacker gang ALPHV, also known as BlackCat, said that it had breached the gaming giant with a simple phone call, according to a post on X from malware repository vx-underground.

Then on Thursday, the group said it would unleash ransomware on the company’s computer systems “if a deal is not reached.”

While MGM has avoided the term cyberattack, the company has not commented on the cause of its computer failures, although the FBI confirmed earlier in the week that it was investigating the matter.

“I think this is kind of a bit of a never-ending story, as criminals find new ways to enact their crimes,” said Alan Feldman, who is the Distinguished Fellow in Responsible Gaming for UNLV’s International Gaming Institute. “So it’s a constant evolution of security systems, protocols and technologies.”

Although July was a month of record revenues for Nevada casinos, September has obviously been a month of headaches for MGM Resorts International. On Sept. 1, a hotel operations manager at MGM’s Aria turned himself in to the Metropolitan Police Department amid allegations he stole over $773,000 between July 2022 and July 2023 by issuing more than 200 false refunds to his debit card.

In June, Circa became victim to a so-called impostor scam. Downtown Las Vegas’ biggest hotel was swindled out of $1.17 million after an employee was duped into believing she was delivering bags of cash to two men at four different locations on behalf of one of the hotel’s owners.

Erik Gutierrez Martinez, a 23-year-old man who was living in an east Las Vegas trailer park with his aunt, was also accused of involvement in similar casino-targeting con jobs.

If MGM is indeed facing a cyberattack, as appears to be the likely scenario, and the reports about Caesars are true, the common thread, along with the Circa heist, would be social engineering, which basically refers to the component of hacking that involves human interaction.

To combat hacking, experts say, companies and government agencies need to be aware of and vigilant against this human element.

Social engineering happens when hackers are able to exploit vulnerabilities in a targeted company’s or government institution’s systems by deceiving an employee or employees into divulging information or allowing access, whether it be by phone, email or some other means.

“From what I’ve seen with these threat actors, that’s their main MO. That’s what they do,” said Alex Waintraub, a cybersecurity expert at CYGNVS Inc., whose mission is to help other companies navigate cyber crises. “They use the least sophisticated tactic there is, the human, to actually get into environments and and cause cyber havoc.”

Mehmet Erdem, professor of hotel operations and technology at UNLV, said that by and large Las Vegas casinos are generally good about security, and are forever playing catch-up in their efforts to beat the hackers whose techniques are constantly evolving.

 

By Brett Clarkson

Categoría:Others

Tags: Sin tags

País: United States

Región: North America

Event

PERU GAMING SHOW – PGS 2026

17 de June 2026

LSports at the Peru Gaming Show: Building Presence, Opening Doors

(Lima, SoloAzar Exclusive).- The Peru Gaming Show was never just about the booth. For LSports, it was about showing up in a market where showing up still matters — and leaving with more than a contact list. Federico Brancato, Sales Manager for the LATAM Region, came to Lima with a clear sense of what operators in this part of Latin America need most right now. What he found confirmed it.

Friday 17 Jul 2026 / 12:00

Martin Ivanov: "Latin America remains one of CT Interactive's key strategic regions"

(Lima, SoloAzar Exclusive).- CT Interactive Chief Operating Officer Martin Ivanov reflects on the company's experience at the Peru Gaming Show, highlights the opportunities emerging in the Peruvian market, and outlines the company's strategic priorities for expanding across Latin America.

Thursday 16 Jul 2026 / 12:00

Regulation and the Black Market in Latin America: Challenges and Solutions

(Lima, SoloAzar Exclusive).– As part of the Peru Gaming Show (PGS) 2026 conferences, gaming industry leaders analyzed one of the main challenges currently facing regulated markets in Latin America: the growth of illegal gambling. The panel "Regulation and the Black Market: Challenges and Solutions" brought together Carlos Fonseca, CEO of Gaming Law, as moderator; Neil Montgomery, founding partner of Montgomery & Associados; Tatiana Vásquez, founding partner of Vázquez Asociados; Karen Sierra Hughes, Vice President for Latin America, the Caribbean, and Spain at GLI; and Vanessa Cabrera, Director of the Control and Sanction Directorate of the DGJCMT-MINCETUR, who debated the causes of the black market, the available regulatory tools, and strategies to strengthen channeling toward legal gaming in the region.

Wednesday 15 Jul 2026 / 12:00

SUSCRIBIRSE

Para suscribirse a nuestro newsletter, complete sus datos

Reciba todo el contenido más reciente en su correo electrónico varias veces al mes.