Services at hotels and casinos owned by MGM Resorts International Inc. have been at least mostly restored following a ransomware attack that crippled services provided by the company last week.

The cyberattack was first detected on Sept. 10 and affected systems, including websites, online reservations, ATMs, credit card machines and MGM Resorts across the U.S. In Las Vegas, it was reported that the attack also affected slot machines and room key systems.

To this point, MGM has still not formally disclosed the form of what the company still described as a “cybersecurity issue.” But a report on Sept. 13 linked the attack to the ALPHV/BlackCat ransomware group. VX-Unground, a malware research group, claimed on X (formerly Twitter) that the ransomware group compromised the company by calling the MGM Resorts helpline and undertaking a 10-minute conversation.

Other reports have since linked the attack to a group going by the name of “Scatter Spider,” the same group that was linked to a similar attack on casino operator Caesars Entertainment Inc. earlier this month. According to a report on Sept. 14, Scatter Spider, also known as UNC3944, is an affiliate of ALPHV/BlackCat.

Ransomware affiliates collaborate with ransomware creators, in this case, ALPHV/BlackCat, by deploying the ransomware within victim networks and are sometimes responsible for specific tasks like data theft or extortion based on their expertise.

In a statement on X on Sept. 20, MGM Resorts said services in its hotel and casinos are now operating normally — though one reporter said she still couldn’t book a room there.

Please read our latest update below. Learn more: https://t.co/INKgreBSrt pic.twitter.com/N4zbQEFJFr

— MGM Resorts (@MGMResortsIntl) September 20, 2023

The attack on MGM Resorts has drawn widespread attention to the problem of ransomware attacks and the need to enhance cybersecurity measures.

“The recent cyberattack on MGM Resorts International unveiled the significant deficiencies in the company’s cyber infrastructure and training, paralyzing key sectors of the business,” Lisa Plaggemier, executive director at the non-profit security awareness and educational organization National Cybersecurity Alliance, told SiliconANGLE. “This incident starkly emphasizes the pressing need for robust investment in cyber infrastructure, including regular security audits and thorough employee training programs, to fortify defenses and effectively combat future cyberthreats. Without such measures, the risk of extensive downtime and financial losses remains a looming threat.”

Photo: Zereshk/Wikimedia Commons