this post was submitted on 03 Jan 2024
110 points (98.2% liked)

Technology

74438 readers
2142 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
110
A tale of 2 casino ransomware attacks: One paid out, one did not - What can be learned from MGM's and Caesars' infosec moves (www.theregister.com)
submitted 2 years ago by L4s@lemmy.world to c/technology@lemmy.world
11 comments fedilink hide all child comments
 

A tale of 2 casino ransomware attacks: One paid out, one did not - What can be learned from MGM's and Caesars' infosec moves::What can be learned from MGM's and Caesars' infosec moves

all 12 comments
sorted by: hot top controversial new old
[–] AdamEatsAss@lemmy.world 20 points 2 years ago (1 children)

We developed an AI to stop hackers, it determined that humans were the number one threat to the network and tried to eliminate us. We are now a part of the resistance fighting the AI overlords.

[–] mosiacmango@lemm.ee 9 points 2 years ago

Ehh, let them win. Maybe they will do a better job of it.

[–] autotldr@lemmings.world 1 points 2 years ago

This is the best summary I could come up with:

Feature The same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers from the mega-resort chains.

In its report to the financial watchdog, Caesars cited a "social engineering attack on an outsourced IT support vendor," which we now know was Okta, and said the crooks stole its customer loyalty program database, which contained a ton of personal information.

Ultimately, MGM suffered nearly a week of outages, operational disruptions, and angry customers, costing the corporation about $100 million in losses — and now its stolen data has reportedly been leaked.

When looking at what ransomware payment end up funding (weapons development, oppressive regimes, more cybercrime and network intrusions), with all other things being equal, we'd assume most organizations would choose to not give in to extortion demands.

All of these also likely went into the casino exec's decision, said Megan Stifel, chief strategy officer for the Institute for Security and Technology and the executive director of the IST's Ransomware Task Force.

If this includes health-care records, or data belonging to or about minors, they may be more inclined to pay the demand rather than have this information leaked, Kimberly Goody, head of cyber crime analysis at Mandiant, told The Register.

The original article contains 1,361 words, the summary contains 215 words. Saved 84%. I'm a bot and I'm open source!