Casino del Sol in Tucson Fighting Cyber Attack

The Casino del Sol in Tucson, Arizona, announced on Tuesday that it had resumed some form of regular business following a severe system outage triggered by a cyberattack on February 21. 

The Pascua Yaqui Tribe, the owners of the casino, said in a statement that the FBI and the Pascua Yaqui Police Department are collaborating to investigate the attack, which disabled ATMs, credit card systems, Wi-Fi, TVs, phones, and electronic door key systems.


Slots Are Whirring Once More 

The poker room, gaming tables, sports book, and all of the slot machines—including the slots ticketing system—are now fully functional. 

Tuesday saw the closure of bingo until further notice, the phone system staying offline, and all restaurants and bars accepting cash only. As to the Tribe, the casino rewards program called "Club Sol" is not available online.

Furthermore, other cash services at the casino cage are not now available, even though the cage is already cashing in gaming checks and slot tickets.

The casino said, "We sincerely apologize for any inconvenience or worry this incident may have caused to our valued guests." "Our top priorities continue to be your trust and security."

 

Nothing to Report Regarding the Ransom

The hack certainly have the characteristics of a ransomware attack, even though it's unclear if a ransom demand was sent along with it. 

According to a new research by the cryptocurrency analytics firm Chainanalysis, ransom payments to hackers nearly doubled to a record $1.1 billion last year. Additionally, hacking groups are increasingly focusing on "big game"—large companies, including casinos—in an effort to increase their payoffs.

 

Broken Spider

A group by the name of "Scattered Spider" attacked MGM and Caesars with destructive ransomware in September 2023.

It's thought that the group engaged in "spoofing," or posing as a high-level MGM employee over the phone with the company's support desk, using social engineering techniques.

In this manner, they gained access to the system by deceiving support staff into changing the multifactor authentication (MFA) codes and passwords for the person they were posing as. 

When MGM refused to pay the ransom, company operations were disrupted for days, resulting in an estimated $100 million in damages. Caesars reportedly paid Scattered Spider over $15 million to resume regular operations, as reported by The Wall Street Journal.

The cybersecurity community, not the criminals themselves, is the one who came up with the term "scattered spider." The gang calling itself "Star Fraud" is the one that attacked MGM and Caesars. Its members are a part of "the Com," an informal group of hackers.