How a 10 minute phone call using social engineering tactics shut down MGM Resorts

In a world driven by technology, even the most renowned establishments aren’t immune to the threat of cyberattacks. This week, MGM Resorts found itself at the center of a cyber crisis, as the notorious ALPHV/BlackCat ransomware group claimed responsibility for a crippling cyber outage. In this blog post, we delve into the details of this incident, how the attackers gained access and MGM Resorts’ response.


According to a report from malware archive vx-underground, the ALPHV/BlackCat ransomware group revealed their involvement in the MGM Resorts cyberattack. Their plan of attack? Common social engineering tactics, aimed at gaining employees’ trust to obtain sensitive information and extort a hefty ransom from the hospitality giant. Shockingly, the group claims that the initial conversation, which paved the way for the cyber assault, lasted a mere 10 minutes.


The ALPHV group’s approach may sound surprisingly simple, but its effectiveness is undeniable. They allegedly initiated their attack by utilizing LinkedIn, the professional networking platform, to identify an MGM Resorts employee. Once the target was identified, they reportedly contacted the company’s Help Desk. This deceptively straightforward approach allowed the attackers to gain a foothold within the organization.


MGM Resorts began experiencing outages earlier in the week, prompting casino-goers on the Las Vegas Strip to notice slot machines suddenly going dark. As of Wednesday morning, the situation has yet to fully normalize, with the company’s website still displaying signs of disruption.


While the ALPHV/BlackCat ransomware group is vocal about their involvement, security experts have not independently confirmed the accuracy of their claims. MGM Resorts, on the other hand, has remained relatively tight-lipped, failing to respond to inquiries regarding the incident. However, in an official statement released on Tuesday, the company asserted that “Our resorts, including dining, entertainment, and gaming, are currently operational.”


The MGM Resorts cyber outage serves as a stark reminder that cyber threats can strike even the most prominent organizations. As this incident unfolds, it emphasizes the importance of robust cybersecurity measures and employee awareness training. While MGM Resorts continues to grapple with the aftermath of this attack, one can only hope that the lessons learned will lead to enhanced security practices and a more resilient cybersecurity posture for all.

If this doesn’t concern you as a business owner, we’re not sure what would. It’s important to constantly train your team members on cyber security best practices! As you can see, all it takes is a simple phone call and human error to allow a hacker access to your organization and bring it to a crippling halt!


Reach out to us today and find out how we can help prevent this from happening to you.