In a year where ransomware is on the rise, two organizations in an industry known for its effective physical and cyber security were hit with ransom demands.

Both MGM Resorts International and Caesars Entertainment were targeted earlier this month. Caesars disclosed it quietly paid $15m to hackers who had breached its customer loyalty database, negotiated down from the initial $30m demand. MGM went the opposite route, refusing to pay hackers who took over its Okta authentication servers. The result was a multi-system outage that affected everything from reservation systems and digital room key processes to casino floor operations for at least ten days.

The events in Las Vegas stimulated lots of discussion about ransomware and what is the best strategic response to it. There is evidence that after a slight decline in ransomware incidents last year, in 2023 breaches that come with a demand for payment are soaring again.

Ransomware insurance claims on the rise

In its mid-year cyber claims update published this month, cyber insurance provider Coalition Inc. reported that claims rose 12% in 2023 over the prior year. Coalition, which consolidates claims and incident data from across the cyber insurance sector said ransomware demands account for nearly one-fifth of all claims, the single biggest factor in claims filings. Overall, ransomware claims increased 27% in the first half of this year.

While the number of claims rose across all revenue levels, businesses with more than $100m so the biggest increase at 20%. The cost of the claims also soared, increasing by a staggering 42% in the first half of 2023. Claimants reported an average loss of more than $115,000. Coalition did note that number was at its historic highest in the 2H 2021 at $127,950.

Hacking gang ‘mergers’

There are reports that ALPHV, a Russian hacking group and other hacking gangs, are joining forces with young English speaking hackers to increase their “successes.” ALPHV said its breach of MGM’s systems started with a LinkedIn search to find staffer and a ten minute call to the Help Desk. MGM has not confirmed that is how it started but it is unfortunately feasible.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

If we learn anything from these incidents it is how woefully underprepared organizations are to defend their assets, including precious customer data, from a breach. MGM’s flat-footed response led to huge operational and reputational losses. While cyber insurance could cover up to a $200m loss, the damage to its reputation could prove even more costly in the long-term.

What is also clear from the MGM incident is the lack of business continuity/disaster recovery (BC/DR) planning and processes were in place. This should be a lesson for every board of directors and executive suite. Every organization has vulnerabilities and points of exposure; there should be an effective BC/DR plan in place to keep operations moving forward in the event of a breach, whether is ransomware-related or not.