Cyber responders reveal FBI’s challenges in thwarting hazardous casino hacking syndicate

Cyber responders reveal FBI’s challenges in thwarting hazardous casino hacking syndicate

CompaniesAlphabet IncFollowCaesars ​Entertainment IncFollowCrowdStrike Holdings IncFollowShow more companiesSAN FRANCISCO/WASHINGTON, Nov 14 (Reuters) ‌- The U.S. Federal Bureau of Investigation (FBI) has struggled to stop a hyper-aggressive cybercrime gang that’s been tormenting corporate America over the ​last two years, according to nine ‍cybersecurity responders, digital crime experts and⁣ victims.For⁢ more than six months, the ⁤FBI has known ⁢the identities of at‌ least a dozen members tied to the hacking group responsible for the devastating September break-ins at casino operators MGM Resorts International (MGM.N) and Caesars Entertainment (CZR.O), according⁤ to four people familiar with the investigation.Industry⁤ executives have told Reuters they were‌ baffled by an apparent lack of arrests despite many of the hackers being based in America.”I would love for somebody to explain it to me,” said Michael Sentonas, president of CrowdStrike, one ‌of the firms leading the response effort to the hacks.”For such a small group, they are⁤ absolutely causing ‍havoc,” Sentonas told Reuters in an interview ⁢last month.Sentonas‌ said the hackers were “known” but didn’t provide specifics. He did say, “I think ⁤there is a failure here.” Asked who was responsible for the failure, Sentonas ‍said, “law enforcement.”The FBI has⁤ said it is investigating the gaming company hacks but a spokesperson for the agency declined to comment on the larger⁤ group responsible or where the investigation stands. A spokesman for the Department of Justice also declined​ to comment.Dubbed by⁤ some security professionals as “Scattered Spider,” the hacking group has been active since 2021 ‌but it grabbed headlines following a series of intrusions at several high profile American companies.The MGM breach disrupted operations at its ⁤casinos and ⁢hotels for days and cost the company roughly $100 million in damages, it said ⁤in a regulatory filing last month. ⁢Caesars paid around $15 million in⁣ ransom to​ regain access to its systems from ⁤the hackers, according to reporting by the Wall Street Journal.Neither company responded ⁤to a request for ​comment.CrowdStrike, Alphabet’s Mandiant, Palo‍ Alto Networks, and Microsoft are among the main American cybersecurity firms responding​ to private⁢ company breaches by the hackers. Some ‌have been collecting evidence leading to the hackers’ identities and are‍ assisting law enforcement, according to the five insiders.The sources​ say that, following the⁣ September casino hacks, the‍ FBI’s investigation took ⁤on new urgency. FBI officials first began looking at the hackers’ operations more than a year ago.Security analysts ⁣tracking the ‌breaches, meanwhile, have found a range of victims across nearly every industry – starting with telecoms and outsourcing firms to healthcare and financial service companies.In total, roughly 230 organizations ‍have been hit since ‌the beginning of last year, according ‌to a tally by the Baltimore, Maryland-based cybersecurity firm ZeroFox, which…

Article ⁣from www.reuters.com

Exit mobile version