MGM Cyber-Attack was devised by hackers used a technique called “Social Engineering” and within 10-minutes gained access to this $33.9 Billion dollar business. This data breach at MGM could have been avoided.
Cyberattack compromises computer systems at MGM casinos, resorts
A cyberattack by hackers on the computer systems for MGM Resorts International has impacted its casinos and hotels in several states.
According to VX-Underground, the hacker or hackers found an MGM employee on LinkedIn, called the company’s Help Desk impersonating that employee, and were able to hack MGM’s system in the span of a 10-minute phone call.
Protecting your organization against cyber social engineering attacks requires a combination of technological solutions, employee training, and a security-conscious culture. Social engineering attacks often manipulate individuals into divulging confidential information or performing actions that compromise security. Here are steps to help safeguard your organization:
- Employee Training and Awareness:
- Conduct regular security awareness training for all employees, teaching them about various social engineering tactics and how to recognize them.
- Simulate phishing attacks to test your employees’ ability to identify suspicious emails or messages.
- Encourage employees to report any suspicious activity immediately.
- Implement Strong Authentication:
- Enforce strong, unique passwords for all accounts.
- Use multi-factor authentication (MFA) to add an additional layer of security.
- Secure Physical Access:
- Control physical access to your organization’s premises. Implement security measures such as access cards, biometric systems, and security personnel.
- Educate employees about the importance of not letting unauthorized individuals into secure areas.
- Email Security:
- Employ email filtering and anti-phishing solutions to detect and block malicious emails.
- Verify email senders, especially before sharing sensitive information or performing financial transactions.
- Endpoint Security:
- Keep all software and operating systems up to date with the latest security patches.
- Install and maintain antivirus and anti-malware software on all devices.
- Use endpoint detection and response (EDR) solutions to monitor for unusual activity.
- Access Control and Least Privilege:
- Implement the principle of least privilege, where employees only have access to the systems and data necessary for their roles.
- Regularly review and update access permissions.
- Incident Response Plan:
- Develop a robust incident response plan that includes procedures for handling social engineering attacks.
- Test the plan through tabletop exercises and real-life simulations.
- Security Policies:
- Establish clear and comprehensive security policies that cover social engineering risks.
- Ensure that employees understand and follow these policies.
- Secure Communication:
- Encrypt sensitive communications, both in transit and at rest.
- Educate employees about the importance of not sharing sensitive information over unsecured channels.
- Regular Security Audits and Assessments:
- Conduct regular security audits and assessments to identify vulnerabilities and weaknesses in your organization’s security posture.
- Vendor and Third-Party Risk Management:
- Assess the security practices of third-party vendors and partners who have access to your organization’s data.
- Continuous Monitoring:
- Implement continuous monitoring of network traffic and system logs to detect unusual or suspicious activities promptly.
- Employee Verification:
- Verify the identity of individuals who request sensitive information or actions, especially if it involves financial transactions.
- Crisis Communication Plan:
- Develop a crisis communication plan to inform stakeholders and the public in the event of a successful social engineering attack.
- User Behavior Analytics (UBA):
- Use UBA tools to monitor user behavior and detect deviations from normal patterns that may indicate a security breach.
Remember that social engineering attacks can be highly sophisticated and constantly evolving. Therefore, it’s essential to stay informed about new tactics and technologies and adapt your security measures accordingly. Regularly review and update your security policies and practices to address emerging threats.