Imagine the neon glitter of Vegas fading to a dark screen. That’s what happened in July 2023, when both MGM Resorts and Caesars Entertainment, two Las Vegas giants, fell victim to ransomware attacks. While the details differed, the underlying lesson remained stark: no business is immune to the digital wolves at the door. What happened next is an interesting study in what an attack response plan may include—and what the fallout could be. This scenario simply underscores the fact that you don’t want to gamble on ransomware in your business.
MGM’s Gamble on Ransomware Recovery Plan
According to several reports, MGM Resorts chose not to pay the ransom. According to CEO Bill Hornbuckle, MGM had already begun rebuilding their systems and opted not to pay. The fallout? MGM endured about a week of outages and the fallout from a horrible customer service experience. Estimates place the lost revenue from this week alone somewhere north of $100 million USD. Since the ransom wasn’t paid, the stolen data was allegedly leaked, too. The fallout from this is still developing.
How Caesars Gambled Differently
In contrast to the MGM response, Caesar rendered unto Scattered Spider (the hacker group responsible) some $15 million USD. Their disaster plan included payment among other tactics.
So which response is “right?” Either case can be argued, but both responses highlight the critical need for a comprehensive ransomware recovery protocol for every business, big or small. As noted in a prior blog post here, the average cost of a data breach can range from a few million dollars to being put out of business. Any executive decision has to take into account this reality.
Why Both Casino Groups Crapped Out
The Las Vegas attacks serve as cautionary tales. MGM’s vulnerability stemmed from a compromised third-party vendor, demonstrating the domino effect of cyber threats. Caesars, while prepared with backups, faced extended downtime, showcasing the hidden costs of lost productivity and customer trust.
Preparedness Lessens the Ransomware Gamble
So, how can you avoid joining this high-stakes game of chance? Here are a few key elements that every business should include in an effective ransomware recovery protocol. These are the things you need in a ransomware plan:
1. Assess the Risk: Identify your critical data assets, analyze potential vulnerabilities, and map out attack scenarios. This awareness equips you to prioritize critical data protection.
2. Fortify Your Defenses: Invest in layered security solutions, including endpoint protection, network segmentation, and regular vulnerability scans. Patching systems promptly and educating employees on phishing scams are equally crucial.
3. Back Up Like a Pro: Implement a robust backup strategy with frequent automatic backups stored securely offline and off-site. This keeps your data safe even if online systems are compromised.
4. Test and Refine: Regularly test your backups and recovery procedures to ensure they function flawlessly under pressure. Treat it like a fire drill – practice makes perfect in the face of a real attack.
5. Have a Plan B (and C): Develop a clear action plan outlining communication protocols, incident response procedures, and escalation steps. Knowing your next move minimizes confusion and wasted time in the heat of the moment.
The Las Vegas Takeaway
The MGM and Caesars incidents highlight the devastating consequences of a ransomware attack. Both entities had a plan. What would it have looked like if either or both had failed to have a plan? Worse? More of the same? The takeaway is this: Don’t gamble on ransomware with your business. You need a ransomware plan. Implement a comprehensive recovery protocol today and secure your data against the ever-evolving threats of the digital underworld. Remember, in the game of cyber resilience, prevention is infinitely cheaper than redemption. If you need help getting started, reach out to us today. We’re always listening.