An arrest at last
If you were paying attention to the gambling news last year, you will definitely have noticed the very high-profile hacking of MGM Resorts International. Now, UK police have finally made an arrest in the case – although the suspect might not fit the description you have in your head.
on suspicion of blackmail and offenses related to the Computer Misuse Act
Police arrested a 17-year-old English boy on Thursday in relation to a series of hacks, including the MGM one in September last year. Police placed the teenager in custody on suspicion of blackmail and offenses related to the Computer Misuse Act, but he has since been released on bail.
According to a release from West Midlands Police, authorities suspect the teen worked with a “large scale cyber hacking” community to carry out the attack on MGM. The casino operator lost access to many of its systems for ten days, losing millions of dollars in the process and exposing the data of guests.
An MGM crisis
MGM users first noticed the operator’s website and withdrawals were down on September 11 2023. Speculation was rife, with many on social media suggesting the casino company had been hacked. That turned out to be true. Criminals had supposedly gained control of MGM systems through a social engineering hack.
Once the offenders had access, MGM had to shut down many of its systems to try stop the hackers from gaining access to private information. This affected many of its Las Vegas properties, meaning ATM withdrawals were unavailable, slot machines shut down, and even hotel room keys wouldn’t work.
According to some reports, MGM lost around $8.4m per day during the cyberattack. It lasted nearly two weeks as the company worked with the FBI and other cybersecurity experts to regain control. Meanwhile, the hackers were demanding a ransom of a reported $30m – a ransom that MGM supposedly never paid.
The suspects
At the time of the attack, VegasSlotsOnline News spoke with a cybersecurity expert to find out more about the people behind it. Jonathan Care, Lionfish Tech Advisors expert, explained that Russian group ALPHV had taken responsibility for the attack.
it is an effective demonstration of their capability”
“ALPHV run BlackCat as a “Ranswomware-as-a-service” offering for other criminal gangs,” he explained. “The motivation is not clear, but it is an effective demonstration of their capability.”
While ALPHV might have carried out the hack, the FBI has now blamed Scattered Spider for orchestrating the attack. This year, in an interview with CBS News, other industry insiders shed more light on these culprits. It is a hacker group of mainly native English speakers that specialize in social engineering.
The arrest of an English teenager fits into this narrative, as this group consists of young online criminals based in Western countries who have partnered with more experienced Russians.
