Marina Bay breach - Integrity360 comment - never pay the threat actors!

November 2023 by Durali Cingit, Cyber Incident Response Consultant, Integrity360

After the Marina Bay Sands breach, the comment from Durali Cingit, Cyber Incident Response Consultant, Integrity360.

"Security incidents for high-profile hospitality organisations seem to be on the rise these past few months, like we saw in September with the MGM Resorts and Caesars Entertainment cyber-attacks. In this case, it hasn’t been announced if it is a ransomware attack, but it’s known that threat actors have stolen customer data, which can be used for phishing attacks against them.

These kinds of breaches occur due to threat actors using social engineering to bait the users into giving their credentials or one-time codes to bypass multi-factor authentication. It may also be down to security and configuration negligence. Resorts like these have guest and internet-facing networks that can allow the threat actors to gain access if they are not configured correctly or the latest vendor software updates have not been installed to tackle vulnerabilities.

Our advice would be to never pay the threat actors’ ransom fee or have any communication with them, as more often than not, they will take the money and leak the stolen data anyway. Businesses should thoroughly investigate how the breach occurred and consider implementing an IR team to investigate and identify the source of the breach in order to contain it as quickly as possible. Additionally, businesses as big as Marina Bay Sands (MBS) should have Endpoint Detection and Response (EDR) installed on all endpoints already and an Intrusion Detection (IDS) and Prevention (IPS) system within their network environment in order to detect and stop potential incidents, as it allows for monitoring of traffic on the network to identify any known malicious behaviour."

