Halloween, All Hallows Eve, and Dia de Muertos celebrations can be a fun time or a scary time. Children dress up in scary costumes and go door to door searching for candy and treats. In some cultures, it is a time to remember those who have gone before us. While many enjoy celebrating in disguise, there is also a dark side where certain bad actors use disguises to hide nefarious activities. This is true in real life and also in cyber life.
Case in Point
It does not matter how big or how powerful your organization is. MGM Resorts is one of the largest casino and hotel companies in the world. Their annual revenue in 2022 was about US$14 billion. The company’s multiple hotel and casino properties in Las Vegas, including Bellagio, Mandalay Bay, and the Cosmopolitan, were all shut down by a cyber attack. Slot machines had to be shut down. The casino floor had to be shut down. The restaurants had to revert to a cash-only basis. Hotel guests, who use computerized access keys were locked out of their rooms.
Aside from this being a massive customer service nightmare, the lost revenue is estimated to be equally as painful to the company. The hotel operations revenue for each day lost is estimated to be about US$8 million. The daily casino revenue lost is estimated at US$5 million. With a little simple math, we surmise the daily loss as a result of this attack is over US$13 million. Three days into the incident, we are at about US$39 million and counting.
Many large hospitality chains have been attacked in the past. The target is usually the personal and financial information of guests. Hyatt, Hilton, InterContinental, Sheraton, Westin, Starwood, Wyndham, Omni, and Mandarin Oriental have all suffered breaches over the last decade. Those, however, have been less disruptive to daily activities.
As of September 13th, the company’s corporate email, restaurant reservation, hotel booking systems, and digital room keys remain offline. MGM’s share price declined more than 6% since Monday. Moody’s warned that the company’s credit rating may be negatively effective noting key risks within the company. Finally, vacationers who did not expect this chaos will be left with a very negative impression of MGM, affecting potential future stays.
During the same week, Caesar Palace, another big Las Vegas resort and casino, paid hackers US$15 Million to settle a ransomware attack that exposed guest information. The hackers breached their firewall to gain access to the names, credit cards, and personal information of guests. This is all scary stuff. This is MGM’s worst nightmare.
Let's compare the cost of breaches to these organizations to the estimated IT budgets. It appears that companies are getting the message that budgeting for cybersecurity tools is a worthwhile investment. According to a Cybersecurity Dive report, global security spending will reach $219 billion this year. That is up about 12% from 2022. Growth in spending to protect networks and information is expected to continue into the foreseeable future.
As we have seen from the Caesars Palace example, simply installing a firewall is not enough to secure information assets and protect the business. Fortunately, there are many specialized tools, supplemental to firewalls, that work to block malicious attacks and keep confidential information within the boundaries of the network.
Walls, Moats, Fences, and Guardrails
A single level of protection, such as a firewall, is not enough to protect against all the many types of cyber attacks launched at networks. Network attackers are using social engineering and Artificial Intelligence (AI) to defeat legacy security protections. The question organizations are asking is this: “How can we layer multiple specialized #networksecurity tools without impacting the availability or performance of our network?”
Visibility Architecture for Security
The problems with layering multiple tools on every link include adding delay, reducing overall network reliability, and finding a budget for all the new tools. The solution to all these issues is to connect the tools through TAPs and Packet Brokers developed by Network Critical.
TAPs provide a fail-safe connection to live links for security and monitoring tools. They do not have a MAC or an IP address so are invisible to the network. They do not introduce delay into the network. Intelligent TAPs, like the SmartNA range from Network Critical, have many budget-saving features:
Port Mapping - Traffic on active links can be mapped to single or multiple ports to be directed to specific tools.
Aggregation - Traffic from multiple underutilized links can be combined and directed to a single tool. This allows a single tool to protect multiple links.
Filtering - Not all tools need visibility to all traffic. Tools can run more efficiently and manage more links by filtering traffic that is not important to the tool.
Packet Manipulation - Stripping payload information from packets increases the data privacy of users and reduces the traffic load sent to tools.
Deploying an architecture that provides complete and accurate visibility for security tools provides the necessary layers of protection required to thwart attacks. Breaches that completely disrupt business are expensive and scary. For more information about how to develop your visibility architecture contact the experts at www.networkcritical.com/contact-us. Don’t be scared…be prepared.