
Cyber attackers hit the jackpot: learn why casinos aren’t the only ones vulnerable

September 21, 2023

For many years, hackers and cybercriminals have used social engineering techniques to gain unauthorized access to confidential information. It is easy to predict that these attacks will continue to advance in sophistication and frequency. Whether cybercriminals are using AI to create better lures or are just getting more adept at exploiting human nature, the success of these attacks proves the tactics are working. For example, ransomware is booming, with 324,000 phishing attempts reported to the FBI in 2021.

2023 is also proving to be a successful year for cybercriminals. Recently, attacks against hospitality giants MGM Resorts and Caesars Entertainment succeeded, with the latter paying upwards of $15M to regain access to its systems.

[Image: MGM Casino attack tweet. Credit: vx-underground post on X (formerly known as Twitter).]

MGM formally announced on Wednesday, September 13, that a cyber incident “has significantly disrupted properties across the United States for the past three days,” but earlier reports indicate they started seeing issues on Sunday, September 10. Caesars announced on Thursday, September 14, that it experienced a data breach on September 7. While cyber professionals are still piecing together the specifics, we know that threat actors known by several names (Scattered Spider, UNC3944, Oktapus, Scatter Swine) used social engineering techniques to gain an initial foothold.

Social engineering attacks remain difficult to detect and defend against. Once an attack succeeds, the attackers hold valid credentials and can operate as insiders within the organization. Based on the information Mandiant shared, the attackers used social engineering techniques to gain an initial foothold. In the case of Caesars, it was confirmed that the bad actors called an IT contractor while pretending to be calling from Okta. Once given good credentials, the bad actors scanned their systems, found ways to elevate their privileges, and completed a ransomware attack. While this attack didn't use a particularly novel technique, it reminds us of the importance of good training, hygiene, and the needed focus on security best practices...