Beware of Cybersecurity: Scary Cyber Attack Case Studies & Lessons Learned from Them
There’s nothing scarier than the thought your business could suffer a cyber-attack. October is Cybersecurity Month, created to spread awareness about cybercrime, cyber-attack detection and remediation, and cybersecurity best practices. Here are a few cases where hackers were unfortunately able to gain access to sensitive assets via malware and other tricks.
MGM Ransomware Attack – September 2023
The September 2023 cyber-attack against MGM Resorts is a tale of misfortune for the level of inconvenience a single attack can cause. MGM was a victim of a ransomware attack, which involves cybercriminals stealing data or holding systems hostage until a ransom is paid. Through this cyber blackmail, hackers caused chaos during the cyber onslaught. They shut down hotel systems, casino systems, company email, and business phones. There were even several slot machines shut down as the network was compromised.
What Went Wrong?
Cybercriminals were able to gain access to MGM systems via vishing, or a fraudulent phone call to the company’s technical call center. The attacker coaxed out sensitive information from unsuspecting employees, allowing them to infiltrate several crucial business systems.
What Was the Outcome?
They demanded $30 million in exchange for the release of the company’s systems. MGM leadership refused to pay the ransom, and they were able to protect sensitive financial information from the hackers. They were eventually able to regain access to their systems, which raises the question of if paying a ransom is worth it in the long run.
It’s worth noting that this cyber attack caused widespread inconvenience and likely a sizable loss of revenue. However, MGM Resorts was not dealing with higher stake data loss like a healthcare or law firm would be in this scenario. For this reason, they had less to lose in terms of hefty lawsuits that could follow HIPAA or legal violations.
Rappatoni Cyber Attack Cripples Real Estate Industry – August 2023
The real estate industry was flipped on its head following the Rappatoni Cyber Attack, a chilling story of the impact a successful attack can have on business clients. Clients are a service provider’s bread and butter, so Rappatoni was in deep water when a ransomware attack on the real estate company’s third-party cloud listing service left over 100 brokerage clients in the dark. The platform’s users could not list properties, change listing prices, and see who had what listing. This halted operations for a huge sector of the real estate industry, no doubt disrupting the housing market in its wake.
What Went Wrong?
The cyber-attack on Rappatoni was rumored to be a ransomware attack, but the company has yet to speak out publicly on what caused the attack. This attack did, however, result in a huge loss of crucial data for the real estate industry. Updated prices and listing information were lost, which realtors rely on to make strategic moves to be profitable. The cyber crime investigation has not revealed what
What Was the Outcome?
As a result of the service being shut down during the attack, Realtors had to resort to old-school methods of selling via cold-calling prospects, as well as less convenient methods like posting listings manually on social media. This disruption led to fewer buyers reportedly showing up to property showings, making them less competitive and taking away seller leverage for affected listings.
This attack shows how important it is to take steps to protect sensitive data, especially when business clients rely on your services for theirs to function. For those in B2B service industries, compromised client information can mean both you and your trusting clientele are at risk for big financial and reputational losses.
Be Proactive About Your Business’ Cybersecurity to Protect Yourself
As scary as these cyber-attack stories are, there are ways to mitigate the risk of cyber-attacks. From employee training to multifactor authentication, you can use several network security tools to protect your business from cybercriminals. If you’re not sure where to start on your cybersecurity strategy, check out our cybersecurity checklist for all of your cyber essentials.