IT 4336 of

52 million dollars in lost revenues and counting, a cyber-attack on MGM Resorts International, a 14B Las Vegas gaming empire with Hollywood-famous hotel spreads like the Bellagio, Cosmopolitan, Excalibur, Luxor, and the MGM Grand itself, had the house brought down by a perfect example of vishing…a 10-minute phone call.

Gamblers could not gamble. Guests could not access rooms. Lights went out. The attack led to hours of delays in guest check-ins and affected electronic payments, key cards, thousands of slot machines, ATMs, parking, and other systems.

A malware research group called VX-Underground claimed that the RaaS group “ALPHV” (a.k.a. BlackCat, a ransomware-as-a-service) was responsible for the attack. An earlier Reuters story on 9/13 initially reported “Scattered Spider” (a group of kids operating in the U.S. and UK), as the perpetrator.

What happened? Social engineering happened.

Research what exactly happened. Then discuss how you would have prevented this attack. Do NOT give your opinion as to whether MGM should or should not have paid (their competitor, Caesar’s Resorts, was the victim of a recent ransom attack – and they paid an estimated $15 million dollars). After finding out what happened, just give your opinion (make recommendations) as to how MGM could have prevented it. If you even discuss whether you would pay or not pay, you will receive a ZERO in the Planning scoring category of the rubric for not following instructions.

Remember that you must make one original post and one reply post and you MUST provide a source in your original post. You MUST follow the course Discussion Instructions. Reply to the next message.

The cyber-attack on MGM Resorts was initiated through a sophisticated social engineering tactic, specifically a vishing attack, which then led to a broader and more destructive ransomware attack carried out by the Scattered Spider group, eventually involving the BlackCat/ALPHV ransomware group. The attackers initially gained access by convincing an MGM employee to divulge login credentials over a phone call. This initial breach allowed them to escalate their access privileges within MGM’s network, particularly targeting and compromising the Okta and VMware ESXi servers. They deployed ransomware across MGM’s virtual machine infrastructure, causing widespread operational disruptions.