The High Tech Heist

I'm actually here. I don't know how that happened. I am nowhere near cool enough to have been invited here. I guess they didn't listen to the show first. That's fine with me, though. There's some pretty incredible musical acts that are going to be rocking out in the arena that's right in front of me, and I will sit here and talk about geeky tech stuff. So the question is then, what topic should I cover for this episode? And I asked myself that several times. I had a

lot of possible answers. Maybe I could talk about the tech of running a concert, for example, there's a lot of tech involved in that. Maybe I could just talk about the tech needed to make sure a band's equipment's all working properly. I could talk about sound systems, or lasers, or pyrotechnics or all sorts of stuff, but I'm in Vegas, baby, And what's more, I'm staying at a hotel that's owned by MGM Resorts. So I think the topic to tackle

is the recent hacker attack on that company. So what exactly happened, who is responsible or who do we think is responsible, how did it unfold, and what are the ongoing consequences. So sit back, folks, it's time to do a casino heist podcast episode tech stuff style. Now, Originally I thought I do a quick history of MGM Resorts International, you know, the company that became the target of the hackers.

in Vegas and beyond. Among the Vegas properties are the MGM Grand and assorted MGM properties like Park MGM, the Blagio, the Aria, the Cosmopolitan New York, New York, Excalibur, the Luxor, Mandalay Bay, and some more. And it also has a more than forty ownership of the T Mobile Arena, the building that is directly in front of me, just the building. However, they do not own the land. The company made somewhere in the neighborhood of thirteen billion dollars in revenue last year.

That was an increase from nearly nine point seven billion from the year before, and it seems that twenty twenty two saw the highest revenues in the company's history so far. Of course, revenue is not the same as income. That's more to the tune of one point four billion dollars for twenty twenty two. That's a lot of money, princely sum as I might say they own more than thirty billion dollars worth of assets. So, in other words, to

enterprising thieves, MGM Resorts International is a tempting target. Heck, that's the stuff of heist movies, right, except a heist is typically a high risk endeavor and it's almost bound to fail. Successful heists have happened in the past, even in Vegas, but more often not, the house comes out on top. Moving the heist into the realm of computer systems becomes a different matter. However, it's more likely that you can find a way to pull off your crimes

while you protect yourself. Now, before we move on to the actual hacking attack, I also need to mention the company Caesar's Entertainment. Like MGM, Caesar's has a really, really complicated history. It's filled with mergers and acquisitions and sales and even bankruptcies. It gets bonkers. The most recent move of that company was in twenty twenty. That's when another company called El Dorado Resorts Incorporated acquired Caesar's Entertainment Corporation.

Then El Dorado Resorts changed its own name to Caesar's Entertainment. But there are other companies that are lumped in there. As well, like Hera's Entertainment is part of that. Anyway. In twenty fifteen, Caesar's went into bankruptcy, and as part of the effort to get out of bankruptcy, the company split into two entities. One would be a company that would actually operate the various resorts and casinos. The other would be what is called a real estate investment trust

or REIT, which would actually own all the properties. To get into riits is beyond the scope of the show, but y'all, they can be monsters anyway. The spin off OREIT took the name VICH after Vinnie vid Vic. You know, I came, I saw I conquered, So VICH technically owns many nineteen in fact of Caesar's properties. Here's the wild thing. Last year VICH acquired ownership of thirteen MGM properties. So both Caesar's Entertainment and MGM Resorts International pay rent to

VICE in order to operate their respective casinos. So you want to know what the power behind the throne is, look to vch. Anyway, while all those dealings are worthy of a deep and engrossing podcast series, this is a hint somebody make a podcast series about these real estate companies and their involvement in Las Vegas because it is fascinating, but our focus should really be on the hacker attacks. Now.

It is important that I mentioned Caesar's because while the attack on MGM's properties was the major attack that's been in the news for a couple of weeks, now, those same hackers, or at least some of them, first targeted Caesar's Entertainment a little earlier. Two of the biggest gambling companies in the world have fallen prey to hackers, and it appears that the foothold the hackers established came courtesy of a third party security firm and also involves a

very important company in tech, namely Octa. Now, y'all, the hacker attack is bad news for MGM, there's no way around it. But I would actually argue it could be way worse for Octa, at least as far as reputations go. And that's because Octa is an identity and access management company. This is the company that markets the user authentication system that tons of other companies rely upon. With Octa, a company can hand over the trickier elements of user authentication.

So as companies grow more complex, they might add more systems that employees rely upon, and it can be a hassle if you need a different log in for every single service you use. A service like single sign on

really simplifies things. You have a username and password and that gives you access to a suite of different services all with just one log in, So you can see where the value of that is right well, with Octa, a company can hand over all of this and Octa handles it, and you pretty much have to just trust Octa to be a good steward of this process now. Todd McKinnon and Frederick Krist co founded Octa back in two thousand and nine. The company has been the focus

of a couple of security incidences since it's founding. In twenty twenty one, a hacker group secured limited access to octasystems by compromising a camera network inside the Octa offices, specifically a system designed by Verkaida, a company that I should probably talk about in a future episode. In early twenty twenty two, a different hacker group known as Lapsus accessed OCTA's systems. This time, the attack vector was a

third party support engineer. Lapsus shared information suggesting that the data breach was far greater than what Octa was telling the public. But Octa executives really held their ground. They said that are only around two point five percent of OCTA's customers were potentially impacted by this data breach, and

that the hackers had limited access to customer data. Octa said the data breach lasted for less than half an hour and it only hit two customers, whereas Lapses claimed and maintained a presence in OCTA's systems or this client of OCTA's systems for the better part of a week. Now, that attack was bad, but it could have been worse, And to be totally fair to Octa, it was really the third party security person who was at fault for

the breach. Though I never really saw details on exactly what happened with that one, I imagine it was something fairly similar to what we are talking about today. So let's set the scene. We're not going to go strictly chronologically because some information we wouldn't know about until later, so we're going to be jumping around a little bit for the purposes of our story. Will begin on September tenth,

twenty twenty three. That day, some folks who were staying at MGM Resort International properties began to encounter errors while they were trying to interface with various systems connected to those properties. The following day, September eleventh, twenty twenty three, things got much worse. Players who were members of MGM Resort's loyalty program saw that their loyalty features weren't working.

The websites went down. People staying at MGM properties found that their digital keys that they depended on on their smartphones, they they weren't working anymore. They couldn't get into their rooms using their digital keys. They these effects got worse. You know, a lot of video slot machines went offline. That was a huge indicator that something really bad had happened. Sports betting features were interrupted even ATMs on casino floors

went out of service. At eleven twenty seven am Eastern Time, MGM Resorts posted on x you know, the platform formerly known as Twitter, a little message and it read quote MGM Resorts recently identified a cybersecurity issue affecting some of the company's systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts.

We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems. Our investigation is ongoing and we are working diligently to determine the nature and scope of the matter. You know it's serious when they say that they responded promptly and quickly. When you get both of those back to back, you know it's a bad, bad time. And what exactly happened, Well, i'll tell you after we come back from this quick break.

All right, we're back. You are listening to tech stuff live at the iHeart Podcast Studio powered by Bows at the House of Music at the iHeartRadio Music Festival, in the house that John built. This is a pretty incredible experience. Whenever I look up, I'm just seeing tons of people in various trendy outfits wandering around getting ready for the

festival and hanging out the House of Music. It's pretty cool. Again, I feel like I'm totally out of place here, but they invited me, so I guess I should just embrace it. So we're going to jump back into this cybersecurity incident that hit a couple of major gaming and hotel companies and dozens of properties so as you might expect, speculation ran rampant regarding the nature of the cybersecurity issue that

MGM Resorts International mentioned. Some thought that it could just be a massive systems failure, like you know, maybe some key system that connects everything went down. Some people figured it had to be a ransomware attack. Lots of folks assumed that the issue would receive a ton of coverage on certain podcasts. No one mentioned me, which just hurts my feelings, and folks were complaining right away about the issues they encountered. One x user posted quote, we are

at one of your resorts. It's pretty widespread. We can't check in, pay with card, use comps, receive our gifts, get tickets out of machines. End quote. Others claimed they had unexplained charges on their bills. Some of these incidents happened before September eleventh, so whether they are accurate, or maybe they reflect some other issue that's unrelated to this, or maybe they're the attempt of cashing in on a bigger problem, I can't say. I don't know. I just

know people reported it. The websites for various MGM resorts, as well as the sites for restaurants on MGM properties all went down. MGM replaced its website with kind of a landing page that directed people to call resorts directly, so it just listed each resort and its phone number, so you would have to call them on the phone, you know, like a caveman. That's a joke. I'm old

I still call places on occasion. The following day, MGM Resorts gave an update saying that much of its services were operational, including entertainment, dining, and gaming, but people were still encountering issues. There were still problems with slot machines.

Hand pay became the method to cash out. This is when you have to signal for a casino employee to come over and count out by hand your winnings rather than getting the machine to print out a ticket, and you take that ticket to a payout machine feeded in and then you get your cash that way. The ATMs were still having issues. People still couldn't check in online, They could not make a card payment to book a room.

At that point, lines were forming at the desks of various MGM resort properties because you couldn't use your digital keys at all, so you couldn't just check in with your phone and then use your phone to get into your room. You had to go and get a physical key card. It was still like an RFID chip key card, so you could hold it up to the door and it would open, but you had to have one. You couldn't just use your phone to do it. So that meant everybody had to go and wait in line to

get a key. On September twelfth, we heard that a hacker group called Alpha ALPHV. Actually that's the way they style their name. Sometimes they're also called black Cat. We heard that they could have been behind the attack. Now, the black Cat name actually comes from malware that this group has created, you know, some malicious software, ransomware to be precise, and Alpha introduced that in late twenty twenty one. And here's how an Alpha attack would typically work out.

So the group would end up collaborating with someone to inject the malware into a targeted system. That person might be a disgruntled employee of the target. Maybe they're not even disgruntled, maybe they're just very greedy. Because Alpha would offer up to ninety percent of a ransom to the

quote unquote affiliate. The affiliate could also be some other hacker group that its job is just to gain access to a system through some means, and Alpha would provide the malware while the other group actually would get access to the target. It would become this, you know, this collaborative effort. Now, this means the business model for Alpha is r a as that stands for ransomware as a serve. That as a service trend has gotten out of control, y'all.

So these hackers, who primarily communicate on Russian language platforms, build the tools, but they don't necessarily carry out the attacks themselves. They're facilitators. The black cat and malware encrypts a target computer system, so it makes it inaccessible to the system's rightful owner. So imagine you log into your computer, but you find out you can't access anything. All the

files are encrypted, all the methodologies are encrypted. You can't decrypt it, so it's just a brick without the key. The data on your machine stays out of your reach. And then you see a message, and the message tells you that the hackers will give you access back to your data. They will give you the decryption key, but only if you pay them a ransom. Usually this is in the realm of millions of dollars. Typically they ask for it in the form of cryptocurrency to avoid being

traced back to the people responsible. And if you don't pay up, the hackers will say either you will not get access to your data again, it's just gone, or they'll delete it. Sometimes they'll say, all right, we won't delete it. Instead, what we're going to do is we're going to release all that data on a public platform so that anyone and everyone can see what it is. Typically, ransomware hackers want to target organizations that have a lot

of money and a lot of incentive to protect data. Now, pretty much every organization has an incentive to protect its data at least to some extent. Information is the currency of the modern era, after all, and while you can't spend information, you can sure affect the value of a company by stealing their information. But ransomware hackers typically want to target organizations that have access to buckets of cash. So prime targets for these hackers ideally fall into a

couple of categories. If it's a really big company and its business depends upon the safe keeping of information, particularly really personal information, that ends up being a big target. So hospitals and other healthcare companies fall into that category. By law, these companies are meant to keep patient data secure.

There in big trouble if they don't, And obviously any healthcare company that fails to live up to that would have a massive problem, not just from the government or from law enforcement, but you know, they would lose the confidence of patients, and patients could have their lives really upturned if their personal health information gets shared everywhere. So the thinking goes that those companies are more likely to pay a ransom in order to make the problem go away.

That's why ransomware hackers target healthcare companies so frequently. They have a very high incentive to get the problem fixed as quickly as possible. Well, casinos and resorts definitely fall into a similar category. Right first, you've probably heard the phrase the house always wins. Well, that phrase references the fact that the odds are ever in the favor of

the house. You might have a good night at the tables, and you might leave with more money than you brought with you, but lots of other people will end the night down with less money than what they started with. Or maybe you'll also be down a little bit, and other folks will also be down a bit, and some

of them might be down a lot. All casino games favor the house, and that makes sense because if they didn't favor the house, then casinos would soon be out of business, right So instead, collectively the casinos in Nevada can make at least a billion dollars every month. That's across all the casinos in Nevada. Some games will give you better shot at winning that other games. Blackjack is a game that has fairly decent odds, somewhere in the

neighborhood of forty percent to win. Dealers have about a forty nine percent chance to win. And you might think, oh, forty nine plus forty's that's not one hundred. Well, that's because the rest of the odds kind of cover the case where you could have a draw or a push where you go to the next hand. Meanwhile, games like kino or the Wheel of Fortune, they have some of the worst odds in gambling. So that doesn't mean you're destined to lose if you play, but the chances are

pretty darn high. So anyway, this means that casinos make a lot of money. If I might elaborate, they make a crap ton of money and that puts them firmly in one of the categories that ransomware hackers love to target,

companies that are flush with cash. On top of that, these casinos deal with a lot of customer data, whether it's someone staying at a resort or a gambler who has signed up to participate in a loyalty program, which is a pretty frequent thing, because the casinos here have lots of incentives to get people to sign up to their loyalty programs. You can get gifts, you can redeem credits, you can get a free room if you're a frequent gambler and you're part of the loyalty program. There are

a lot of reasons for that. In return, one, the casino has a repeat customer, which is very valuable, and two, the casino can gather data about the people who visit their resorts and learn more about them and thus cater to them more and make even more money. So this information has value not just because of how it can be used to advertise to individuals, that's often what we talk about when we talk about data in the modern world, but it has value because the customers are trusting the

casinos with this information. Even if they aren't aware of the implications, and so when there is a data breach, suddenly customers get very much concerned about that data. It affects them directly. If there's the possibility that the customer's own finances could be compromised, that's a huge problem for both the customer and the casino. So this means casinos and resorts are in that sweet spot for ransomware hackers. So how did we find out about Alpha's alleged involvement

with the MGM Resorts International hack. Well, one early statement came from the x account, the Twitter account of a group called VX Underground. Vx Underground bills itself as the largest collection of malware source code, samples and papers on the Internet, and they work with lots of researchers, They work with hackers, They work with tons of people largely to educate about malware. They are rather cheeky, I would say they kind of have that cheeky sense of hackers.

They do not necessarily come across as being buttoned down, let's say. So. On September twelfth, VX Underground posted all Alpha ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the help desk. A company valued at thirty three billion, nine hundred million

dollars was defeated by a ten minute conversation end quote. Now, MGM did not comment on this, and as far as I'm aware, has never actually referenced their cybersecurity incident as an attack, but lots of other folks have not been in the mood to mince words, and the information that would come out later seem to align with what VX Underground was claiming. The attack happened through social engineering. So stage one, you learn about the person you're going to impersonate.

You find someone on LinkedIn who has listed their job title and where they work. If you can find someone who has a very high profile job title, something that's really high up in an organization, that's potentially much better, or if it's not high up, at least someone who works within the IT department, because that typically means you're going to find someone who has a lot of access

to the systems if you're able to compromise their account. Now, I've talked about social engineering a ton on this show, how it is a huge part of hacking. See if you've got a system that is at least in theory, really well secured. Your best bet of infiltrating the system is to target a vulnerability. And sometimes you find out

about technical vulnerability, right. You might find out that there's a vulnerability in some software that a company is dependent upon, and by targeting that software vulnerability, you can penetrate the system. You can gain access to it, you can get a foothold there, and if you're really good, or really quick and or really lucky, you can exploit that vulnerability and then you're in. Obviously, there's way more to it than that.

I mean, just because you get access doesn't mean that you can do anything, and even if you can do something, you might get found out before you're able to really do a lot of damage. But you get the idea. That's one method of penetrating a secure system, as you target a vulnerability in some software. But another way is not to worry about the tech side that much at all. You target people. You look at people who have access

to the system you want to infiltrate. People are frequently, in fact almost always, I would say, the weakest point of a security system. If you can convince someone who has access to hand that access over you're in. Maybe you outright trick the person, Maybe you pose as someone in authority, or maybe someone who needs help, and you

convince them to do something they absolutely shouldn't do. As it turns out most of us anyway, if we are presented with someone who who is saying that they really need help, they're in desperate need of some assistance, we want to try and be the person to give them that assistance. It's not universally true, but it's true often enough that this approach works a lot. Or maybe instead you actually are promising this person a cut of the money. Maybe you're counting on their greed to push them into

granting you access. If you target someone who has a lot of administrative access to a system but they are not in a high paying job, sometimes just promising them that, you know, sweet cold hard cash is enough to let them be kind of a conspirator on your side. Now, in this case, it seemed that someone talked to a third party IT staffer, and as part of that conversation, they convinced the IT staffer to reset some multi factor authentication settings so that the hackers could gain access to

a single sign on system. You know, the kind of stuff that ACTA provides out. I'm guessing a lot of you know that there are different levels of access with computer systems, whether we're talking about a network or even just a single computer. So, for example, a user typically

has limited access to a computer or a system. They might be able to do stuff like open specific programs and call up files and that kind of thing, but to make actual changes to the computer, the user might need administrator access, while other levels of access come with specific permissions, and administrator level access has no such restrictions.

And so the attackers wanted two target accounts that would have the highest administrator access to systems to have as much opportunity to do whatever they wanted as they could. So on September fourteenth, news broke that Caesar's Entertainment had also been the target of a ransomware attack. The company had filed a report with the SEC on September seventh. In that report, the company leads with Caesar's Entertainment Incorporated.

The company we or are because it's a unofficial filing, recently identified suspicious activity in its information technology network resulting from a social engineering attack on an outsourced IT support vendor used by the company. Our customer facing operations, including our physical properties and our online and mobile gaming applications, have not been impacted by this incident and continue without disruption end quote. So that's a big difference between the

Caesar's attack and what happened at MGM. The report goes on to say that an investigation determined that the hackers were able to access information in Caesar's Entertainment's loyalty program interface. Obviously, that includes customer information, including stuff like driver's license numbers and or social security numbers. If you enroll in these, you typically have to allow them to make a copy of things like your driver's license in order to get

the benefits of the loyalty program. Now that's clearly a risk for things like identity theft. They said there was no evidence that the hackers were able to access things like passwords, bank account information, or payment card information, so that's good, but the identity theft issue is still a big concern. They did say they would offer credit monitoring to all members of the loyalty program and that it had already taken steps quote to ensure that the stolen

data is deleted by the unauthorized actor end quote. So how do they make sure that this data gets deleted by a party they have no control over. Most folks interpreted that to mean that Caesar's had paid the ransom. Now, the rumor mill said that the hackers were asking for thirty million dollars and in return they would pinky swear that they would delete the stolen data. Caesar's ultimately agreed to pay fifty fifteen million dollars to delete information yaoza.

By the way, fifteen million dollars means that technically this would have been the second most successful casino heist that I have ever encountered. And granted, it's not quite the same as a casino heist, but then number one really isn't either. I'll talk more about that toward the end of this episode. In fact, we'll talk a lot more about the hackers and what they did. But we're going

to take another quick break. Okay, we're back. You're listening to Tech Stuff live at the iHeart Podcast Studio powered by Bose at the House of Music at the iHeartRadio Music Festival. All right, Moving forward a little bit more. Around September fifteenth, a different hacker group called Scattered Spider claimed responsibility for the MGM attack but not the Caesars attack.

VX Underground referred to Scattered Spider as a subgroup. According to numerous sources, this group mostly consists of young hackers think like seventeen to twenty two who live in places like the United States and the United Kingdom. They appear to be native English speakers or extremely fluent English speakers, and they have a reputation for being very very good

at social engineering. Scattered Spider is suspected of using tools like phishing websites in addition to social engineering, so they typically will direct someone to a login page that looks like it's a legit page, but in fact it allows the hackers to fish for credentials. As for multi factor authentication, calling an it helped us to reset MFA is an effective way to get around that. There's also SIM cards swapping that they've done, where they've convinced phone companies to

swap a digital SIM card to a different device. They pose as a customer and then they talk the telecommunications wrap on the other end of the line to change a SIM card setting, which then gives them the ability to access things like multi factor authentication when the code gets sent Instead of going to the valid person, it goes to their phone number, which has now been switched

to a different phones simcard very nefarious. Now, you might wonder about resetting multi factor authentication why anyone would even agree to do that in the first place. I mean, the whole point of multi factor authentication is to have multiple ways of authenticating a person's identity. But with just a little thinking it becomes clear. So let's say that you call into an IT help desk and you claim that you can no longer access your work account because

you recently changed phone numbers. So that means that when you try to log in, you get a text message sent to your old phone number and you can't receive it. So you are talking with them saying, I need you to switch this because I still have my username, I still have my password, but I can't get access because I no longer have that phone and I need to be able to access my work, So you ask for

a reset. Maybe you have a lot of information about the person that you're posing as so as you can convince the person on the other end of the phone call that you're legitimate. Again, that's what you do with the investigation. When you're using LinkedIn to learn a little bit about your kind of patsy if you will, Maybe you just sound really clueless and stressed and you just trigger the I person's desire to help you get out

of the tight spot. Like I said, most of us typically want to help someone when they are really struggling. They reset the MFA on the account, They put a new phone number in that phone that you happen to control, and now you don't have to worry about that multi factor authentication process anymore. So I want to be clear, Scattered Spider, these are not script kiddies, right. These are not people who just download some code and then they make use of it. They have an understanding of how

computer and cloud systems work. They have an understanding how the underlying businesses work. They do their homework. By knowing how these businesses work, they know how to target and make their social engineering efforts have the best chance for success. So I want to be clear, like they are good at what they do. They're not just fast talkers. They know their stuff. So it's possible that they were involved in one or maybe even both of the attacks, though

again they weren't claiming that. However, Alpha has also claimed responsibility for the MGM attack, and they argued that any reports stating it was teenagers were inaccurate and based on rumors. There was another rumor that Alpha was very quick to deny that was reported in at least some outlets that

had to do with slot machines. So, according to this rumor, and I love this rumor, but according to this rumor, Scattered Spider originally wanted to essentially reprogram slot machines so that they just started to pay out cash, kind of like a scene that's in you know, The Ocean's Eleven movies, Except this would mean that the slot machines would sort of spit out tickets, kind of like receipts with winnings on them. The rumor goes that the hackers found this

wasn't really possible. In fact, one of the rumors said that the person who was making this suggestion hadn't even seen The Ocean's Eleven movies, So they were just talking about something they had heard of and wanted to try. And when they found out that it wasn't going to be as easy as they thought, they moved on to

just steal data from the computer systems. Now, Alpha categorically says this story is totally false, it's completely fiction, and that it somehow got you know, circulated among news outlets. What's the truth, dawn't know. Back to OCTO, So, David Bradbury, the CEO of OCTA, has said that social engineering attacks are at the root of five OCTA clients who have recently found themselves compromised by ransomware attacks, and that Caesar's Entertainment and MGM Resorts are two of those five, but

he hasn't named the other three. He also referenced Scattered Spider and Alpha as business associates or affiliates, suggesting that at least some of the hacks of OCTA clients are the product of cooperation between these two groups. So this story is still unfolding as a record here in Las

Vegas right now. Currently, MGM Resorts International says that all operations are back to normal, that's how everything's being reported, and that it's continuing to investigate the quote unquote cybersecurity issue, that the FBI is involved, and that they're taking this very seriously. There are concerns that these attacks will have a hefty impact on the value of both MGM and Caesar's Entertainment. It's certainly had an impact on MGM's ability

to generate revenue while all this was going on. Loyalty program members should probably sign up for credit monitoring because a lot of their personal information is stored in those systems, and it sounds like hackers got access to all of that stuff. So credit monitoring is not a bad idea if you want to make sure that your information hasn't just started been trading around on the dark web and people start like taking out credit cards under your name,

that kind of thing. So probably a good idea at least to keep an eye on your credit. It's easier if you do sign up for credit monitoring, but you can do it on your own if you're really diligent about it. But yeah, scary stuff. I'll also say this, So I've been staying at the Aria, like I said, which is an MGM Resorts property, and have encountered some technical glitches which may or may not have any connection

to the hackers. According to the people I spoke with, they recently used a new computer system and brought it online and that the issues they're running into may very well just be working the bugs out of a new system and have nothing to do with the hackers at all. But what I will say is that they have connected essentially all room controls through an Internet interface, and you can use a tablet or I assume an app to

be able to access those things. But when I got to my room, what I found was that I could not close the curtain on the window. I could not turn off the lights in my room, none of the buttons worked. The tablet that was part of the room would not connect. I did not want to use the app for reasons that I think should be pretty obvious. And so again I don't want to say that that's part of the hacker attack, but it was unfortunate to have that's of experience right on the tail end of

this hacker issue. It's it's concerning, and it's one of those things that will continuously come up. Another thing I will say this again not directly connected to the hacker attack, but just something that I observed. The Wi Fi in that hotel is an open Wi Fi connection, like you can just connect to it and you you know, you do a little sign on on a web landing page,

but then you're connected. There's no password security on the Wi Fi network at all, And I gotta tell you, if you are a major hotel that has just been the target of a massive ransomware attack, maybe you should start offering a password protected Wi Fi network. I'll tell you this, I won't connect to it unless I'm using a VPN. I just refuse to do it. They may be perfectly safe, but it might not be with an

open network like that. And a recent attack in not even a week old at this point, there were still issues unfolding this past week. Don't do it, so yeah, interesting observations. As for moving forward, I think these attacks are the most recent reminders that organizations have to make

some really big decisions about cybersecurity now. Part of that really involves an ongoing educational approach that reinforces how to spot social engineering and phishing schemes and why it's important not to share credentials or to act on suspicious emails or phone calls. This is particularly true for people who are working in positions that have administrative level access to

certain computer systems within an organization. If we count the ransom that Caesar is allegedly paid to have sensitive customer data deleted as a heist. Like I said, it would be the second biggest casino heist in history from what I can tell, at least from a monetary standpoint. If you're wondering what is the number one well that goes

to a kiwi? A New Zealander named James Manning, who would the help of a casino services manager, managed to cheat his way to thirty three million dollars by cheating at blackjack. So supposedly he and this casino employee were able to breach the security camera system and they used things like hand signals and stuff in order to cheat on eight successive hands of blackjack that ultimately resulted in

thirty three million dollars of winnings. Manning was confronted and then by casino security, and then he was banned from the Crown Casino in Melbourne, Australia after they picked up on the scam, and fortunately before the casino had actually credited him most of his winnings so he didn't walk away with thirty three million dollars. The casino chose to keep this matter quiet rather than suffer embarrassment by admitting

that they got taken for thirty million. This was made a little more complicated because Manning was supposed to participate in a PR stunt later in that week. He was supposed to order an outrageously expensive cocktail called the Winston. The Winston was priced at twelve thousand, five hundred dollars

for a single cocktail. The casino had even promoted that this was going to happen, so this was going to be like an event type of thing, and that it would establish a Guinness World record for the most expensive cocktail ever purchased. But with Manning's scam uncovered and then him banned from the casino, they had to scramble to come up with an alternative customer, and then they had to arrange to pay the guy back. So really it

wasn't a purchase at all. Like money changed hands, but it changed hands back, so there was no real purchase here. By the way, that story also has its own share of drama and scandal that goes beyond what I just said. But I think we've had enough for one episode if you ask me. So that means that we're reaching the point where it's time for me to sign off from

the iHeart Podcast studio powered by Bows. Here at the iHeartRadio Music Festival in Las Vegas, Nevada, and maybe in light of these recent hacker attacks, we should actually change that saying to say the house almost always wins. I hope you are all well, and I'll talk to you again really soon. Tech Stuff is an iHeartRadio production. For more podcasts from iHeartRadio, visit the iHeartRadio app, Apple Podcasts, or wherever you listen to your favorite shows.