Cyber Attackers And Phoney Phone Calls

I have been reading with interest that it has been the turn of the mighty MGM Group (Hotels, Casinos, Gambling Websites) to fall victim to hackers who have locked systems in a ransomware attack ...

Customers and clientele could not get into rooms using their electronic keys. Slot machines were disabled and the entire business went into manual override, with queues forming to obtain hand-written receipts for winnings and to get physical room keys.

"The rumours are that a method called 'vishing' was used!"

Essentially, it appears to have been a well-constructed (phoney) phone call to MGM's IT Help Desk, asking for a password reset. Allegedly, the hackers also used social engineering techniques (something I have written about previously) to know enough information to get past the help-desk operative and gain access to the systems.

It appears that although MGM has cyber security training in place for other methods used by hackers, such as phishing via emails, there is not much attention given to vishing in the manual realm. It appears that the actor was impersonating a 'user' and knew enough of the language/terminology to blindside the IT department.

I have received phone calls in the past from 'call centres' saying that my computer is sending out thousands of emails from my account and asking me to allow remote access to my laptop. The first thing I ask is for the caller to verify my public IP address and which ISP I am using. This leads to the caller hanging up the phone abruptly, never to be heard from again.

In other cyberattack news, a third-party supplier to the Greater Manchester Police (GMP) has been subject to a ransomware attack, with details of warrant cards and ID badges being leaked. These include officers' warrant/collar numbers, photo IDs and names. Unlike the accidental leaking of Police Records in Northern Ireland recently, no home addresses or financial details are held by the supplier.

The data you hold on your customers and the way in which you protect your systems from being compromised form a big part of the GDPR mandate in the UK and Europe. It is absolutely essential that all the names, addresses, and any personal/financial details that you have on your servers, or even in the cloud, are heavily guarded by secure passwords and two-factor authentication to limit the hackers' ability to gain access to your business systems. Your reputation and livelihood are at stake in a big way.

For smaller and mid-size businesses, investing in cyber training and learning how to spot potential scammers is now more important than ever before. This is not a tick-box exercise; it is now getting to a point where every single piece of data is worth something to someone, so get your systems tested by an independent penetration testing facility.

"Your IT company should not be marking their own homework!"

Find a good independent consultant who knows the marketplace and they will be able to advise your business accordingly as to who the movers and shakers are in the IT arena.

