Preparing for the Final Draft

SSSSSSSS19
Researchnote1.docx
Home>Business & Finance homework help>Accounting homework help>Preparing for the Final Draft

Threat

Threat refers to the risks or losses resulting from a cyberattack. In the MGM security breach, the loss of customers' personal information, including their names, contact information, gender, dates of birth, and driver's license numbers, can be considered a threat in the given context. Also, the suspension of MGM Resort services, which included disruptions to MGM Resorts and the closing down of ATM services and online booking systems, led to an estimated loss of $100 million to MGM Resorts (Page & Whittaker, 2023).

Threat Agent

          A threat agent is a person, entity, or actor that carries out the cyberattack. Hackers from the ALPHV subgroup Scattered Spider claimed the September 11 large-scale cyberattack on MGM Resorts. The hackers claimed in their message, "If you have money, we want it."

Vulnerability

          Vulnerability refers to the weakness hackers exploit to get into the system to employ the cyberattack. As per the claims made by hackers from the ALPHV subgroup Scattered Spider, the group found a LinkedIn profile of an MGM employee and employed social engineering techniques to compromise MGM Resorts Cybersecurity systems (Page & Whittaker, 2023). The hacker group used the details collected from employees' LinkedIn to access their accounts by calling MGM's help desk.

Discovery

          The recent cyberattack was discovered after the manifestation of large-scale service disruptions experienced by customers of MGM Resorts beginning on September 11, 2023. The company officially acknowledged the occurrence of a cyberattack in its filing with the SEC on October 5, 2023.

Investigation

          Internal investigations by MGM Resorts revealed that no customer passwords or payment details were likely to have been captured in the cyberattacks. The hackers were able to gain access to the personal information of customers, including their names, contact information, gender, dates of birth, and driver's license (Page & Whittaker, 2023). MGM Resort also reported that the hackers may have accessed the social security numbers and passport details. The investigations also revealed that the number of affected customers was yet to be determined.

Impact Assessment

MGM Resorts also reported that the recent cyberattack may result in losses of an estimated $100 million in terms of loss of earnings and an estimated one-time expense of $10 million in cyberattack-related activities. Customers reported service disruptions, including accessing ATM services, Casinos, and online booking systems days after the discovery of cyberattacks.

Remediation

          MGM Resort management reported that the company's cybersecurity insurance policy options were sufficient for making up the losses incurred due to the recently concluded cyberattack on company systems.