this post was submitted on 03 Jan 2024
125 points (98.4% liked)

Technology

59534 readers
3143 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

A tale of 2 casino ransomware attacks: One paid out, one did not - What can be learned from MGM's and Caesars' infosec moves::What can be learned from MGM's and Caesars' infosec moves

all 15 comments
sorted by: hot top controversial new old
[–] AdamEatsAss@lemmy.world 24 points 10 months ago (1 children)

We developed an AI to stop hackers, it determined that humans were the number one threat to the network and tried to eliminate us. We are now a part of the resistance fighting the AI overlords.

[–] mosiacmango@lemm.ee 9 points 10 months ago

Ehh, let them win. Maybe they will do a better job of it.

[–] autotldr@lemmings.world 1 points 10 months ago

This is the best summary I could come up with:


Feature The same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers from the mega-resort chains.

In its report to the financial watchdog, Caesars cited a "social engineering attack on an outsourced IT support vendor," which we now know was Okta, and said the crooks stole its customer loyalty program database, which contained a ton of personal information.

Ultimately, MGM suffered nearly a week of outages, operational disruptions, and angry customers, costing the corporation about $100 million in losses — and now its stolen data has reportedly been leaked.

When looking at what ransomware payment end up funding (weapons development, oppressive regimes, more cybercrime and network intrusions), with all other things being equal, we'd assume most organizations would choose to not give in to extortion demands.

All of these also likely went into the casino exec's decision, said Megan Stifel, chief strategy officer for the Institute for Security and Technology and the executive director of the IST's Ransomware Task Force.

If this includes health-care records, or data belonging to or about minors, they may be more inclined to pay the demand rather than have this information leaked, Kimberly Goody, head of cyber crime analysis at Mandiant, told The Register.


The original article contains 1,361 words, the summary contains 215 words. Saved 84%. I'm a bot and I'm open source!

[–] just_another_person@lemmy.world -4 points 10 months ago (3 children)

Not running Windows would be a good start.

[–] sylver_dragon@lemmy.world 48 points 10 months ago (1 children)

Your choice of OS doesn't help when your IAM provider's tech support happily resets your admin passwords for the attacker.

[–] JJROKCZ@lemmy.world 36 points 10 months ago (2 children)

Most of our vendors only make products for windows, barely understand windows and certainly don’t understand Linux or as400, and they dont intend to. Those that do run Linux and as400 are actively transitioning their systems to a windows based version as it’s easier for the casinos to maintain.

Source: IT Director for a casino company and responsible for hundreds of windows servers, thousands of PCs, 12 Linux and half a dozen as400s - I’m not with Caesars or MGM thank god but their breaches caused me a ton of work and lost sleep trust me

[–] fruitycoder@sh.itjust.works 2 points 10 months ago* (last edited 10 months ago) (1 children)

Yikes. I've seen that strat before. Dinosaur vendors are the worst. My only advice to focus on replacing bad vendors like that wherever and whenever you can, getting stuck actively building out an already legacy system sucks. Good luck!

The "Adopt, Buy, Build" strategy is good one as well as the "strangler pattern" to help keep you from entrenching your self in shitty systems.

[–] JJROKCZ@lemmy.world 10 points 10 months ago (1 children)

Unfortunately there aren’t many vendors in this space, especially since a few of the shittier options have committed to just buying out competitors and sitting on their products rather than doing anything requested with them.

The casinos are extremely tight with money, they bring in tons, they just aren’t interested in spending it on anything other than building new/more casinos and of course c suite bonuses like all corps. They’re whiney and cheap, not good clients.

[–] fruitycoder@sh.itjust.works 2 points 10 months ago

IT being a cost center is a rough position to be in tbh, I get it. For me, even when I can convince them that moving to upgrading to more modern scalable systems will be an investment that should see an increase in uptime and a decrease in the number of admins needed, it is still a fight to get them to actually INVEST in it and not just unfunded mandate a change in systems.

I don't even want to think about what hundreds of Windows servers administration looks like. Like SCCM and Group Policy is more powerful than Linux admins give it credit for, but still at that scale what a nightmare. I hated it on the scale of tens of servers.

[–] AdamEatsAss@lemmy.world 1 points 10 months ago

All gambling will now require you to first log in with your apple ID!