Caesars paid millions in ransom to cybercrime group
Days before MGM’s computers were taken down, a cybercrime group infiltrated and disrupted Caesars’ systems. The cybercrime group demanded a ransom from MGM as well.
There have been two highly disruptive attacks targeting the gaming industry in the past few weeks. On Thursday morning, Caesars filed a statement with the Securities and Exchange Commission regarding the incident. This 8-K report acknowledges that the hack was a material event, similar to the one filed by MGM Resorts on Wednesday.
The cybercriminal group demanded $30 million ransom, but Caesars agreed to pay less than half of that amount. As a result of Caesars’ cyber insurance policies, some of the costs will be mitigated.
Despite the ransom payment and its fallout, Caesars does not expect a material impact on its bottom line.
It is likely that members of the group are less experienced and younger than many of the established multifaceted extortion and ransomware groups in the United States, but they pose a serious threat to large companies, said Charles Carmakal, chief technology officer at Mandiant. The majority of the members are native English speakers and are extremely effective social engineers.”