MGM Attack Drives Cybersecurity to Top of Mind

A cyberattack that took down multiple systems at MGM Resorts International properties across the U.S. has the world talking. And it should, because if the casino industry, known for its high-level security, can be hacked, then any company could be at risk. 

While details of exactly what transpired haven’t been divulged, the impact is widespread, putting companies across the nation on high alert to ensure they’re not next. 

"The MGM Resorts ‘cybersecurity issue’ and its aftermath perfectly illustrate why cyber risk is now a board-level issue for every company,” said Curtis Franklin, principal analyst, enterprise security management at Omdia.

The incident, or incidents, impacted every facet of the company's operations affecting employees, customers, partners and owners of MGM, Franklin said.

“The fact that operations are still affected three days after the incident shows why resilience must be a central focus of cybersecurity management,” Franklin said. “Incidents will happen, but executives must prioritize the plans, processes and procedures to ensure that the impact of those incidents will be as minor and short-lived as possible." 

Like what you're reading? For more stories like this on emerging technologies, sign up for our free daily email newsletter to stay updated!

Related:Cyberattack Shuts Down MGM Resorts; FBI Investigating

Thursday morning, MGM said it was still working through the issues and thanked its customers for their patience.  

“We continue to work diligently to resolve our cybersecurity issue while addressing individual guest needs promptly,” it said in a statement posted on X, formerly known as Twitter. 

Cybersecurity expert Randall Berry chair and John A. Dever Professor at Northwestern University's department of electrical and computer engineering said it’s scary how quickly a casino like MGM can be hacked and to see the wide impact of the attack. 

“The networked world that we live in provides many useful services but as this shows it also can greatly amplify the impact of an attack,” he said. “It is likely that this attack was facilitated by social engineering, which amplifies the often-made point that humans are the weakest link in cybersecurity.”