In today’s digital landscape, cyber-attacks are becoming more frequent and sophisticated, prompting businesses to elevate their cybersecurity efforts and consider cyber liability insurance. Recent breaches faced by major companies like MGM Resorts International and Caesars Entertainment highlight the gravity and unpredictability of these threats.
MGM’s Cyber Breach: A Wake-Up Call
On September 10th, MGM Resorts experienced a massive cyberattack that disrupted its operations. Digital hotel keys became inoperative, casino games halted, and their reservation system crashed, resulting in significant financial losses and unhappy guests. The breach was reportedly carried out by the ALPHV/BlackCat ransomware-as-a-service gang, using a simple yet effective method: tricking an MGM IT team member into resetting an employee’s credentials over a phone call.
The startling simplicity of this attack underscores how easily even large, well-protected businesses can fall victim to cybercriminals. However, MGM’s decision to proactively take its systems offline prevented further damage, allowing them to address the breach in a controlled environment—a critical move for minimizing the fallout of such incidents.
The Financial Implications and Insurance
MGM reportedly suffered losses equivalent to 10%–20% of its daily revenue, a stark reminder of the financial risks associated with cyberattacks. Fortunately, MGM’s $200 million cyber insurance policy may cover some of these losses. Analysts estimate the total claim will amount to around $100 million, primarily to cover income lost during the disruption.
Similarly, Caesars Entertainment recently fell victim to a cyberattack, opting to pay a $15 million ransom to resolve the situation quickly. This raises the ongoing debate: should companies follow government recommendations and refuse to pay ransoms, accepting the consequences, or should they pay the ransom to restore operations faster? For MGM and its insurers, a quicker resolution may have been preferable.
The Importance of Robust Cybersecurity Defenses
These incidents emphasize the need for businesses to strengthen their cybersecurity defenses. Cybercriminals continue to refine their tactics, and targeted attacks are becoming increasingly sophisticated. A comprehensive cybersecurity strategy should include:
- Multi-layered security protocols.
- Continuous staff training to recognize and avoid phishing attempts.
- Incident response plans for quick recovery when breaches occur.
Implications for the Insurance Industry
The surge in ransomware attacks highlights the need for insurance providers to promote robust cyber hygiene among their clients. Single-point security measures are no longer sufficient. Insurers and businesses alike must prioritize multiple layers of defense, anticipating potential vulnerabilities and implementing fail-safe systems.
Conclusion
The cyberattacks on MGM Resorts and Caesars Entertainment serve as stark reminders of the unpredictable and destructive nature of cyber threats. These incidents underline the urgent need for enhanced cybersecurity measures and the critical role of cyber liability insurance. Businesses of all sizes should prioritize comprehensive cybersecurity defenses while considering the protection provided by robust insurance policies.
Each month, Swarts, Manning & Associates covers relevant topics for your business. Stay tuned for more insights on managing your insurance and industry-specific tips.
Click here to submit a Quote Request.
If we have had the pleasure of working with you, we would love for you to leave a review on Google. Your honest thoughts help us improve and grow and allow potential customers to better understand what we have to offer. Thank you in advance for your time and support!