Who or What is Scattered Spider? The Group That Hacked Caesars and MGM This Week


Several news outlets reported yesterday that Caesars Entertainment, one of the giant hotel and casino properties in Las Vegas, has disclosed a significant breach in which hackers stole sensitive data, including Social Security and driver’s license numbers, from its loyalty program members.

This incident closely follows a recent cyberattack on MGM Resorts, which disrupted guest access to rooms and room charges using digital keys.

Caesars Entertainment confirmed the breach on September 7, attributing it to a “social engineering attack” on an IT support contractor. Bloomberg reported that millions were paid in ransom, but the company has not released an official statement to that effect.

Bloomberg also reported that the group behind the attack is known as Scattered Spider.

What is Scattered Spider?

According to Wikipedia and other sources, Scattered Spider is a collective of hackers mostly in their late teens and early twenties. They were previously known for targeting telecommunication systems and have a track record of SIM swap scams and phishing. They are also known for exploiting vulnerabilities in cloud computing systems.

Despite all their previous exploits, the recent hacking of the giant Vegas casinos is reportedly the most audacious hack the group has ever undertaken.

What’s worrisome is that the hackers reportedly accomplished the hacks with social-engineering techniques rather than by exploiting any particular technical weakness in the casinos’ IT systems.

What Is Social Engineering?

A social engineering hack is a type of cyberattack that relies on manipulating individuals rather than exploiting technical vulnerabilities in computer systems. It involves psychological manipulation and deception to trick individuals into divulging confidential information, performing actions, or making decisions that benefit the attacker. Social engineering attacks often exploit human psychology, trust, and social interactions to achieve their objectives.

Here are some common types of social engineering attacks:

#1: Phishing: In a phishing attack, attackers send deceptive emails or messages, or set up websites, that appear legitimate to the recipient. These messages typically contain malicious links or attachments, and the goal is to trick the recipient into clicking on them or providing sensitive information like login credentials, financial details, or personal information.

#2: Spear Phishing: This is a targeted form of phishing where attackers tailor their messages to specific individuals or organizations, often using personal information to make their messages more convincing.

#3: Vishing (Voice Phishing): Attackers use phone calls to impersonate trusted entities, such as a bank or government agency, and manipulate victims into revealing sensitive information or taking actions they wouldn’t otherwise take.

#4: Pretexting: In pretexting, attackers create a fabricated scenario or pretext to gain the trust of their target. They then use this trust to extract sensitive information or access restricted areas.

#5: Baiting: Attackers offer something enticing, such as a free download or a physical USB drive, which contains malware. When a victim takes the bait and interacts with the malicious item, their system gets compromised.

#6: Tailgating: In a physical context, tailgating occurs when an attacker gains unauthorized access to a secured area by following an authorized person without their knowledge or consent.

#7: Quid Pro Quo: Attackers promise a benefit, like free software or services, in exchange for sensitive information or actions. For example, an attacker might offer to fix a computer issue remotely but then request login credentials.

Social engineering hacks exploit human behavior and psychology, making them challenging to defend against solely with technical measures. To mitigate the risk of falling victim to these attacks, individuals and organizations need to raise awareness, implement security policies and training, and exercise caution when sharing sensitive information or interacting with unknown sources, both online and offline.


This article was originally published on Ash & Pri.


Pri Kingston
