The FBI is investigating the MGM and Caesars breaches, and the companies did not comment on who may be behind them.
In some cases - Mandia did not say which ones - hackers tied to Scattered Spider placed bogus emergency calls to summon heavily armed police units to the homes of executives of targeted companies.
ALPHV, which according to Mandiant is a "ransomware-as-a-service", would provide services such as a helpdesk, webpage and branding, and in turn get a cut of whatever Scattered Spider would make from the hack.
While many ransomware attacks go unpublicised, the MGM hack was a vivid example of the real-world impact of such incidents.
Ransomware gangs often function like large organizations, and continue to evolve their methods to adapt to the latest security measures organizations use.
Persons:
Bridget Bennett, helpdesk, they’d, Wendi Whitmore, Adam Meyers, it's, Kevin Mandia, Mandiant, Reuters couldn't, CrowdStrike's Meyers, helpdesks, David Bradbury, they've, Bradbury, ALPHV, Okta's Bradbury, Whitmore, Zeba Siddiqui, Raphael Satter, Chris Sanders, Claudia Parsons
Organizations:
MGM, MGM Resorts, REUTERS, FRANCISCO, Alto Networks, Caesars Entertainment, FBI, Caesars, Google, Reuters, Microsoft, British, Thomson
Locations:
Las Vegas , Nevada, U.S, WASHINGTON, Canada, Japan, United States, reassign, Las Vegas, San Francisco, New York