Defending Your Help Desk Against "MGM-Style" Social Engineering

In the wake of the MGM data breach, conversations around help desk vulnerabilities have intensified. I've engaged with numerous IT-security specialists, seeking insights on staving off identity theft at the help desk front.

The popular recourse? Awareness training. Yet, those well-versed in social engineering tactics would attest to its limited efficacy. Yes, multi-factor authentication is commendable, but it doesn't fortify against social engineers manipulating help desk staff into divulging passwords or other sensitive data.

How did this happen?

The attackers simply combined the art of social engineering with the treasure trove of information available on platforms like LinkedIn. An MGM employee's details, casually shared on LinkedIn, became the blueprint for a vishing attack. The attackers called the MGM help desk posing as this employee and requested a password reset, and just like that, the gates were thrown open. In the ensuing chaos, ATMs, slot machines, key cards, and even room lights malfunctioned.

The attackers, identified as a part of the ALPHV group (or perhaps the youthful 'Scattered Spider' group), left no stone unturned, ensuring that gamblers couldn't gamble, and hotel guests were left stranded.

Intriguingly, this isn't an isolated incident. Since August, according to David Bradbury, Chief Security Officer at Okta, both ALPHV and Scattered Spider have victimized five companies, including the likes of MGM and Caesars.

With ransomware attacks becoming increasingly prevalent, simply paying off the attackers isn't a viable solution. The FBI consistently warns against such actions, as they further embolden cybercriminals. The need of the hour is robust prevention, which goes beyond mere technical measures.

The genuine safeguard? A mandatory IT-driven workflow for user validation or affirmation. We're talking:

✅ Dynamic and contextual data

✅ Linking to trusted devices

✅ Managerial authorizations

...among other advanced strategies.

The crux? Let the tech-driven workflow call the shots, not your support staff. A skilled social engineer will, given time, deceive even the most alert support agent.
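
The workflow idea above, sketched as an added example (not code from this article or from any product): the reset decision is computed only from evidence the system itself recorded, so nothing a caller tells the agent can satisfy it. The factor identifiers, the 10-minute freshness window and the two-factor policy are assumptions chosen for illustration.

```python
# Added illustration: names, factor set and policy thresholds are assumptions.
from __future__ import annotations
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

MAX_EVIDENCE_AGE = timedelta(minutes=10)   # assumed freshness window
# The safeguards listed in the article, mapped to hypothetical identifiers.
FACTORS = {"trusted_device", "manager_approval", "contextual_challenge"}

@dataclass(frozen=True)
class Evidence:
    factor: str            # one of FACTORS
    subject: str           # account the evidence is about
    source: str            # "system" = recorded by the workflow, "agent" = typed in by staff
    recorded_at: datetime

def decide_reset(account: str, evidence: list[Evidence], now: datetime) -> tuple[bool, str]:
    """Return (allowed, reason). The agent's own judgement is never an input."""
    verified = set()
    for ev in evidence:
        if ev.subject != account or ev.factor not in FACTORS:
            continue       # evidence about another user, or an unknown factor
        if ev.source != "system":
            continue       # claims asserted by the agent carry no weight
        if not timedelta(0) <= now - ev.recorded_at <= MAX_EVIDENCE_AGE:
            continue       # stale or future-dated evidence
        verified.add(ev.factor)
    # Assumed policy: trusted device plus one more factor; if the device is
    # unavailable, manager approval plus a contextual challenge.
    if "trusted_device" in verified and len(verified) >= 2:
        return True, "trusted device plus second factor"
    if {"manager_approval", "contextual_challenge"} <= verified:
        return True, "manager approval plus contextual challenge"
    return False, "escalate; unverified: " + ", ".join(sorted(FACTORS - verified))

if __name__ == "__main__":
    now = datetime(2023, 10, 1, 12, 0, tzinfo=timezone.utc)  # constructed sample data
    # Caller convinced the agent, who ticked the boxes by hand: still denied.
    phone_only = [Evidence("contextual_challenge", "jdoe", "agent", now),
                  Evidence("manager_approval", "jdoe", "agent", now)]
    print(decide_reset("jdoe", phone_only, now))
    # Push confirmed on the enrolled device and challenge answered in the portal.
    verified_user = [Evidence("trusted_device", "jdoe", "system", now),
                     Evidence("contextual_challenge", "jdoe", "system", now)]
    print(decide_reset("jdoe", verified_user, now))
```

Denied requests return the list of factors still unverified, which gives the agent a scripted next step instead of room to improvise.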

Fortify your help desk and shield your users from identity theft. The time to act is NOW.

