Cyber Attack at MGM

This has been amazing to watch from afar. Can't believe MGM hasn't paid the ransom. Absolute shit show going on and they are going to lose customers for life.

The hack apparently started from them impersonating an employee utilizing their LinkedIn profile.
 
The hackers' statement shaming MGM for greed and lack of concern for consumer data is so wild.

 
Thanks to the bigger-better-faster craze over the past decade(s) in IT, we're at a point where all these systems that are in place are far too complex for any individual to comprehend, let alone see all the implications it comes with. We're in the "find out" phase now.

Yet another data point prompting me to reconsider a career in landscaping...

 
I’ve been in IT for 34 years and I still have another 9-11 left, but I can’t wait until I start my part-time job being a golf course ranger and confiscating cheap beer from teenagers' golf carts.
I’m right there with you (23 years) but I’ll just play poker in retirement :sneaky: ;)
 
Truth be told, I feel for them. I’m a CISO and spoke to some CISOs working for casinos last time I was in Vegas, and there are two main problems in the industry today.

There is not enough money being put into training and defences. And there are not enough cybersecurity experts in the world to meet the demand of the market.

Being a cyber/information security specialist today is like being the hottest girl on prom. You get more messages than you want…
 
If the hackers got in and encrypted data, paying the ransom was likely the only resolution.

I'm not sure how often a casino would run backups but even restoring from a set point of hours in the past could easily cost more than ransom.

Change your passwords people!! Frequently.
Backups should run every morning but proper attackers hit the backups first. So you need to find out where the breach was and how deep they went. Otherwise restore might just make things worse…
 
There is not enough money being put into training and defences.
You can't ever pour enough money into defense and training.
If someone really wants to get in, they will get in, no matter what you do.
It's all just a question of how much energy an attacker is willing to invest.
 
When BlackCat/ALPHV is attacking you it is hard to defend but not impossible. But when they take down your hypervisor structure you are in quite a bad spot.

Restoring 100+ hypervisors requires a disaster recovery site and plan that seems to be missing.
 
I moved down from IT about 15 years ago, although my specialty was more on the hardware/infrastructure side. Last big job with that was 'doing the impossible' at a Facebook data center, where the general didn't run enough conduit in the datacenter slab to support all the crap FB spec'd. Got called in as an independent (with a small crew) to 'do some magic' and also install/setup the main peripherals. Yeah, it paid - but I was done after that. Had also been doing some part-time work as an IT director for some small organizations (ex; Chambers of Commerce offices in a few counties). Left all that about 7 years ago when attacks were starting to occur even on smaller organizations. I think the decision maker for me was when everyone was insisting on "keeping it in the cloud", while also saying they wanted everything as secure as possible. I gracefully transitioned away, and haven't really looked back. I feel absolutely sorry for anyone still professionally trying to deal with anything connected to the 'net. Even gave up my other 'hobby' forums I owned and admin'd - couldn't hardly go a day without some type of attack. I make the same/more money now, doing a third as much, without too many headaches, being on call, and having to explain the simplest things to so-called professionals.
 
I moved down from IT about 15 years ago, although my specialty was more on the hardware/infrastructure side. Last big job with that was 'doing the impossible' at a Facebook data center, where the general didn't run enough conduit in the datacenter slab to support all the crap FB spec'd. Got called in as an independent (with a small crew) to 'do some magic' and also install/setup the main peripherals. Yeah, it paid - but I was done after that. Had also been doing some part-time work as an IT director for some small organizations (ex; Chambers of Commerce offices in a few counties). Left all that about 7 years ago when attacks were starting to occur even on smaller organizations. I think the decision maker for me was when everyone was insisting on "keeping it in the cloud", while also saying they wanted everything as secure as possible. I gracefully transitioned away, and haven't really looked back. I feel absolutely sorry for anyone still professionally trying to deal with anything connected to the 'net. Even gave up my other 'hobby' forums I owned and admin'd - couldn't hardly go a day without some type of attack. I make the same/more money now, doing a third as much, without too many headaches, being on call, and having to explain the simplest things to so-called professionals.
Spacing please!

TLDR?
 
No! Get off my lawn! lol....

TLDR;

I.T. (for me) used to be fun, used to be rewarding, and the way things keep going - it's getting to be a huge headache and life's much better not having to deal with the increasing headaches.
I got into service-orientated product management to get out of the daily grind and play with the parts of my previous Ops jobs that I really enjoyed but rarely got to focus on. Love it. Don’t miss operational IT even in the slightest. I have a ton of well-earned respect for the people that work on customer customer, infrastructure management, and service delivery. The good ones work really hard to keep the lights on and keep things running smoothly and securely. It’s a brutally tough and demanding job.
 
When BlackCat/ALPHV is attacking you it is hard to defend but not impossible. But when they take down your hypervisor structure you are in quite a bad spot.

Restoring 100+ hypervisors requires a disaster recovery site and plan that seems to be missing.
My company offers immutable backup storage and a Zerto-focused DRaaS offer that has been growing significantly because attacks like this have gotten so prevalent (and so sophisticated). But ironically they often start with a phone call and a hurried request to reset a password before a big meeting. The human factor is always the weak joint in the security architecture.
 
I crossed over to the dark side some time ago. I think it might have been @Beakertwang that did it to me.
To be fair, I advocate for 100 blind chips max in most home games, with the caveat that some smaller, limp-heavy games might benefit from another couple barrels. The .25/.50 game I play could probably deal with 60 quarters for 9 players, since most opens are $2 or $3.
 
