Hackers who breached casino giants MGM, Caesars also hit 3 other firms,
Okta says
Send a link to a friend
 [September 19, 2023]
By Zeba Siddiqui
SAN FRANCISCO (Reuters) - Hackers who breached casino giants MGM Resorts
International and Caesars Entertainment in recent weeks also broke into
the systems of three other companies in the manufacturing, retail, and
technology space, a security executive familiar with the matter said.
David Bradbury, chief security officer of the identity management
company Okta, said five of the company's clients, including MGM and
Caesars, had fallen victim to hacking groups known as ALPHV and
Scattered Spider since August.
In an interview with Reuters, Bradbury didn't name the other companies,
but said Okta was cooperating with official investigations into the
breaches.
The hacks have cast fresh spotlight on ransomware attacks - cyber
intrusions that affect hundreds of companies every year, from healthcare
providers to telecom firms. MGM and Caesars lost market value last week
as stock prices fell, and MGM is yet to recover from various operations
disrupted at the hotels and gaming venues it owns from Las Vegas to
Macau.
San Francisco-based Okta, which says it has more than 17,000 customers
around the world, provides identity services such as multi-factor
authentication used to help users securely access online applications
and websites. Multiple breaches it identified at its customers last
month prompted the company to issue an alert then, Bradbury said.
"We saw this happened in such a small period of time and we thought we
should be coming forward to the industry at large and explaining what's
happening here," he said.
At the time, Okta said its U.S. customers were reporting a consistent
pattern of attacks where hackers impersonated a victim firm's employees
and convinced their information technology helpdesk into providing them
duplicate access.
[to top of second column]
|
An exterior view of MGM Grand hotel and casino, after MGM Resorts
shut down some computer systems due to a cyber attack in Las Vegas,
Nevada, U.S., September 13, 2023. REUTERS/Bridget Bennett
"We've seen consistently over the past six to 12 months, a ramp up
in these types of attacks," Bradbury said.
MGM has not commented on the statement or the hack, beyond saying
last week that it was dealing with a "cybersecurity issue." Caesars
earlier said it was investigating the breach.
The financially-motivated hacking group ALPHV claimed the MGM hack
in a post on its website Friday, and warned MGM of further attacks
if it didn't strike a deal. It's unclear how much ransom ALPHV has
demanded.
Bradbury said the group had breached into MGM and obtained access to
its Okta client, which allowed it further access to more credentials
in the identity management firm's system.
Scattered Spider appears to have worked with ALPHV on the latest
hacks, Bradbury said, citing research by security analysts who have
tracked both groups. "Think of them more as business associates or
affiliates," he said.
Google's Mandiant Intelligence last week called Scattered Spider,
also known as UNC3944, as one of the most disruptive hacking outfits
in the United States. Bradbury said Mandiant's description of the
group's tactics aligned with what Okta had observed in the recent
hacks.
(Reporting by Zeba Siddiqui in San Francisco; Editing by Michael
Perry)
[© 2023 Thomson Reuters. All rights
reserved.]This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content. |
