「Answers About Investing And Financial Markets」の版間の差分

The hacks have cast fresh spotlight on ransomware attacks - cyber intrusions that affect hundreds of companies every year, from healthcare providers to telecom firms. MGM and Caesars lost market value last week as stock prices fell, and MGM is yet to recover from various operations disrupted at the hotels and gaming venues it owns from Las Vegas to Macau.

David Bradbury, chief security officer of the identity management company Okta, said five of the company's clients, including MGM and Caesars, had fallen victim to hacking groups known as ALPHV and Scattered Spider since August.

MGM's ongoing woes come after rival gaming giant Caesars Entertainment confirmed it had detected a breach last week -- but Caesars reportedly paid a ransom of roughly $15 million, and has avoided any customer-facing disruptions.

Both breaches appear to have been initiated through 'social engineering' attacks, in which the hackers tricked human targets into handing over login credentials, such as by impersonating real employees in phone calls to support lines.

Attribution for the attacks remained ambiguous. A group called Scattered Spider has contacted journalists claiming responsibility for both breaches, while an affiliated gang known as ALPHV posted a lengthy statement contradicting those claims and saying it conducted the MGM attack.

Meanwhile, in a statement late Thursday, hackers claiming responsibility for the breach said they maintained access to 'some of MGM's infrastructure' and threatened 'additional attacks' if their ransom demands are not met.

Ridiculous check in queues and casinos down¿ this is The Aria but seeing the same at many MGM resorts in Vegas. The MGM hack is causing chaos #mgm #mgmhack #mgmhacked #lasvegas pic.twitter.com/7pyw5ICCzs

User @LasVegasLocally shared photos of $25 dining and beverage vouchers, writing: 'MGM Resorts employees have been given stacks of "guest recovery vouchers" to hand to any hotel guest who complains about basically anything at all this weekend.' 

The financially-motivated hacking group ALPHV claimed the MGM hack in a post on its website Friday, and warned MGM of further attacks if it didn't strike a deal. It's unclear how much ransom ALPHV has demanded.

Scattered Spider appears to have worked with ALPHV on the latest hacks, Bradbury said, citing research by security analysts who have tracked both groups. "Think of them more as business associates or affiliates," he said.

The hackers claimed that they had infiltrated MGM's network by Friday September 8, and that the initial disruptions to the company's system last weekend were actually the result of MGM employees frantically disconnecting devices to stem the attack.

'For hotel reservations arriving September 13-17, 2023, we understand your travel plans may have changed, so we are waiving change and cancellations fees,' the website advises. 'Thank you for your patience.'

X user @LasVegasLocally shared photos of $25 dining and beverage vouchers, writing: 'MGM Resorts employees have been given stacks of "guest recovery vouchers" to hand to any hotel guest who complains about basically anything at all this weekend.'

San Francisco-based Okta, which says it has more than 17,000 customers around the world, provides identity services such as multi-factor authentication used to help users securely access online applications and websites. Multiple breaches it identified at its customers last month prompted the company to issue an alert then, Bradbury said.

SAN FRANCISCO, Sept 18 (Reuters) - Hackers who breached casino giants MGM Resorts International and Caesars Entertainment in recent weeks also broke into the systems of three other companies in the manufacturing, retail, and technology space, a security executive familiar with the matter said.

At the time, Okta said its U.S. customers were reporting a consistent pattern of attacks where hackers impersonated a victim firm's employees and convinced their information technology helpdesk into providing them duplicate access.

The hacker group said it had made 'multiple attempts' to contact MGM with ransom demands, but had received no response aside from an unidentified user lurking silently in the chatroom set up to conduct the negotiations. 

Google's Mandiant Intelligence last week called Scattered Spider, also known as UNC3944, as one of the most disruptive hacking outfits in the United States. Bradbury said Mandiant's description of the group's tactics aligned with what Okta had observed in the recent hacks. (Reporting by Zeba Siddiqui in San Francisco; Editing by Michael Perry)