Big news in 2023
A CBS News interview has shed some more light on the cyber attacks that seemed brought certain Las Vegas casinos to a standstill last year.
MGM Resorts International reported that it lost an estimated $100m following weeks of chaos last year as a result of a cyberattack. The operator had to shut down its slot machines, ATM machines, and other electrical services in several casinos to try to contain the hackers. The casino giant refused to pay a ransom but lost millions each day as a result before eventually regaining control.
Caesars Entertainment confirmed that it was also the victim of a cyberattack
Around the same time, Caesars Entertainment confirmed that it was also the victim of a cyberattack. Instead of trying to beat the hackers like MGM, Caesars decided to pay its attackers, forking out $15m.
For a recent article, CBS News spoke with industry insiders and cybersecurity experts to find out a little more information about the potential perpetrators of the attacks. The 60-minute piece suggested that young, western hackers are working with Russians to hold these major companies to ransom.
Expert insight
CBS tasked, Allison Nixon, Chief Research Officer at Unit 221b, with shedding some light on the perpetrators of the Las Vegas attacks. The FBI has blamed Scattered Spider, a hacker group of mainly native English speakers that specialize in social engineering. This is when hackers use psychological manipulation to trick users into making security mistakes.
Nixon, a cybersecurity expert, said that part of the success of Scattered Spider comes from the fact its members have experience in Western society and know how to manipulate people. “They know what to say to get someone to do something,” she explained.
Scattered Spider is just one part of a much wider problem
According to the expert, Scattered Spider is just one part of a much wider problem. The group is part of a collection of online criminals that call themselves “the Community,” or “the Com.” She described this as “an English-speaking youth subculture” (males under the age of 25) that is “surprisingly disruptive.”
Nixon explained that Russians have now partnered up with these young hackers after meeting on the dark web.
Affiliate hacking
CBS also interviewed Jon DiMaggio, a former analyst for the National Security Agency. He explained how these Russian-Com partnerships tend to work. He said: “So there’s a term. It’s called “ransomware as a service,” that’s been given to the structure and the format of these gangs.”
As DiMaggio goes on to explain, groups like BlackCat provide their malware and experience in money laundering and negotiation. Meanwhile, the Com groups like Scattered Spider will provide their social engineering skills to actually carry out the attack. The Com groups are referred to as “affiliates” of the Russian hackers.
There are people that specialize in developing malware and ransomware”
The expert claims that these Russian groups are run like legitimate companies, even offering 24-hour service desks and human resources. “There are people that specialize in developing malware and ransomware, and they’re in very high demand,” DiMaggio said.
He also suggested that the Russian government provides a safe haven for these gangs. Many cybersecurity experts believe these Russian hackers are providing a share of their earnings to the state to fund the war with Ukraine.