MGM Resorts Cyber Attack: How a Lapse in Human Judgement Can Open the Door to Threat Actors

Cliff Martin, GRCI Law’s Head of Cyber Incident Response, comments on the MGM Resorts cyber attack:

“This week has been particularly challenging for MGM Resorts International due to the recent ransomware attack orchestrated by ALPHV/BlackCat. It serves as a stark reminder that no matter how much an organisation invests in technology, a single lapse in human judgement can open the door to threat actors. This incident underscores the critical importance of training employees in cyber security. 

“Remarkably, it has been reported that the threat actors managed to breach MGM’s IT environment in just 10 minutes by leveraging a simple social engineering tactic. They used information about an employee on LinkedIn to manipulate the IT help desk into changing their credentials and providing them to the threat actor. The threat actor was then able to use these credentials to gain access into the environment.

“This breach led to the compromise of all critical IT systems within MGM, resulting in a severe blow to the organisation’s reputation. 

“As aptly pointed out by EvilSec on X (formerly known as Twitter), vishing (voice phishing) has become shockingly prevalent in a landscape where people may not prioritise cyber security.  

“Employees, often with heavy workloads, become susceptible to such tactics, making it alarmingly easy for threat actors to exploit these vulnerabilities. As well as employee training, it is imperative for organisations to establish a robust incident response plan to effectively address cyber security incidents.  

“Regardless of an organisation’s size, it is not a question of ‘if’ but ‘when’ a cyber security incident will happen.  

“Being well prepared is key to minimising an incident’s impact and protecting what is important. The earlier an incident can be detected, the better.”

 Cliff Martin is Head of Cyber Incident Response at GRCI Law


Cyber incident response with GRCI Law

Creating a cyber incident response plan can be harder than it looks, which is why we always recommend seeking expert advice.

The last thing you need is to invest in a response plan only to realise, when you need it most, that it doesn’t work properly.

Cyber Incident Response Tabletop Exercises

If you’re looking to avoid that, GRCI Law’s Cyber Incident Response Tabletop Exercises are an ideal resource.

These exercises will highlight any deficiencies, recommend improvements and ensure that everyone knows what to do in the event of a cyber security incident.

This service provides your organisation with an experienced, independent CIR team, who will assess your current CIR capabilities in line with industry-recognised good practice.

This is a bespoke service, which is tailored for your organisation. We understand that no two organisations are the same and our consultancy team will work with you to ensure that these exercises address the risks that your organisation faces.

Get in touch with our team today to find out how you can get started.
