British police have arrested a 17-year-old boy on suspicion of involvement in the hack last September on the American hotel chain MGM Resorts. Police charged him during an operation together with the FBI, on suspicion of blackmail and hacking practices.
Several computers and other devices were also seized from the boy’s home. The arrest occurred last Friday. Incidentally, the teen is already out on bail.
The arrest took place after a ‘complex investigation’, in which the British police service National Crime Agency (NCA) worked with the FBI, reported Hinesh Mehta of the NCA’s cybercrime division. “These cyber groups have targeted well known organisations with ramsomware and they have successfully targeted multiple victims around the world taking from them significant amounts of money”, the BBC noted.
Attacks not prevented
The FBI also issued a statement, praising in particular its cooperation with various police and investigative organizations at home and abroad, as well as private parties. “The FBI, in coordination with its partners, will continue to relentlessly pursue malicious actors who target American companies, no matter where they may be located or how sophisticated their techniques are”, the assistant head of the cybercrime division roared.
Good to remember that Reuters reported last year that the FBI had its eye on the attackers six months in advance but could not prevent the attacks on MGM Resorts and other companies by the same group. When asked, several cybersecurity firms then shared their surprise with Reuters. One bluntly called the event the result of “failed law enforcement”.
Costly leak
The hacking attack on MGM Resorts caused a serious leak of personal data at the hotel and casino chain and shut down virtually all of its systems. The attack also cost the publicly traded company nearly 100 million euros (95 million dollars) in lost profits and about 10 million dollars in security, consulting, and legal fees.
The hackers stole personal data of visitors up until March 2019, including names, phone numbers, e-mail addresses, mailing addresses, gender, date of birth, and driver’s license numbers. The criminals also obtained the social security or passport numbers of some customers.
ALPHV responsible
The attack was carried out by the ransomware gang ALPHV, presumably using ransomware-as-a-service from the threat group Scattered Spider. It involved a sophisticated phishing attack on IT employees and exploiting a known vulnerability in the casino and hotel chain’s Okta system.
MGM Resorts knew about the hack before the cybercriminals demanded a ransom. The chain could take timely steps and thus avoid having to pay.
Also read: Suspected leader of Scattered Spider ransomware gang arrested in Spain