The call was coming from inside the house. And the horror story continues to unfold.
The news about MGM Properties has sent shockwaves through the cybersecurity world, and rightfully so. This large-scale breach has emphasized the importance of human vigilance in cyber defense and how even the strongest security infrastructures can be undermined by a simple employee miscalculation.
For MGM it’s a horror story, but you don’t have to live it. Instead, you can learn from it.
The Villian
Every horror story has a villain, and behind the attack is the notorious group, Scattered Spider, an affiliate of ransomware-as-a-service, BlackCat. They’ve mastered the art of social engineering—using manipulation techniques to exploit their victims. With almost 12% of all cybersecurity attacks in 2022 involving the BlackCat ransomware, including major breaches like Seiko and Mazars Group, the threat landscape is filled with an alarming number of villians and plots evolving at an alarming rate.
Being U.S.-based, Scattered Spider is at a distinct advantage over other threat actors. They understand their targets' cultural nuances, can pull off convincing scams involving direct interactions, and exploit local nuances.
The Plot
So how did this story develop from MGM's Helpdesk to a business catastrophe?
One phone call.
The MGM breach started with a simple phone call to the MGM helpdesk. It's a sobering thought for MSPs everywhere: even the most sophisticated defenses can be circumvented by manipulating human psychology.
What’s the ending?
Every horror movie has an ending. The heroes live to fight another day, so for businesses and MSPs looking to safeguard themselves, here are a few key takeaways:
- Defense In Depth: Layered security is the name of the game. One mistake shouldn't be the endgame. Redundant defenses ensure that small missteps don't evolve into catastrophic breaches.
- Employee Training: Continuous education is crucial. It’s not just about having security tools in place but ensuring that every individual within the organization knows how to use them and how to spot potential threats.
- Regular Testing: Simply training isn’t enough. Periodic tests, such as phishing simulations, help identify potential weak links within the organization.
- Supplier Vigilance: Businesses are not isolated entities. They work with suppliers, contractors, and partners. Ensuring that these third parties prioritize security is essential to creating a comprehensive cybersecurity strategy.
Sequel?
Nobody wants a sequel, so for the customers and visitors to MGM properties, the message is clear: be vigilant. While the full extent of the data breach is still unknown, proactive measures, such as monitoring financial accounts and keeping an eye out for suspicious activities, are essential.
Final Thoughts
MGM's breach is truly disturbing. Threats don't always come in the form of sophisticated malware or zero-day exploits. Sometimes they’re just a phone call away. As the cybersecurity landscape continues to evolve, so should our defenses.
And the first step? Recognizing the value of human vigilance in the grand scheme of cybersecurity. We don’t have to live a horror story, but that means being proactive.
Join us for an URGENT Security Friday Session on how you can protect your help desk from hacking attempts this Friday (September 22, 2023). Register at www.galacticscan.com/security-friday
