Posted on: October 6, 2023, 03:22h.
Last updated on: October 6, 2023, 03:22h.
MGM Resorts International (NYSE: MGM) reportedly stood its ground against hackers who targeted their US operations with ransomware. As a result, MGM is expected to experience a significant decrease in earnings for the third quarter of the year.
The operator of the Bellagio, MGM, announced that their earnings before interest, taxes, depreciation, amortization, and restructuring or rent costs (EBITDAR) for the third quarter will be reduced by $100 million due to the cyber attack. This attack lasted for at least 10 days and MGM is also expecting $10 million in one-time expenses related to the breach.
By not giving in to “Scattered Spider’s” ransom demand, MGM forfeited the chance of potentially lower losses covered by insurance. Sources close to the matter informed the Wall Street Journal of this decision.
This differs from the approach taken by Caesars Entertainment (NASDAQ: CZR) when faced with a similar ransomware attack from the same group. The operator of Harrah’s paid $15 million of the $30 million demanded by Scattered Spider and did not experience the same operational disruptions as MGM.
MGM Followed FBI Guidelines
Similar to the US government’s stance of not negotiating with terrorists, the FBI advises victims of ransomware attacks to refrain from meeting the demands of threat actors.
“The FBI does not support paying a ransom in response to a ransomware attack,” according to the federal law enforcement agency. “Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.”
MGM took this advice, but many companies, including Caesars, do not when they fall victim to ransomware attacks. Consequently, hackers are becoming bolder as they believe there is a low chance of being paid. As a result, the frequency of these breaches is increasing.
“The best way to avoid being exposed to ransomware—or any type of malware—is to be a cautious and conscientious computer user,” adds the FBI. “Malware distributors have gotten increasingly savvy, and you need to be careful about what you download and click on.”
What’s Next for MGM
Following the attack, MGM has taken measures to rebuild its cybersecurity systems and strengthen its defenses. Although a step in the right direction, the damage has been done and some investors argue that MGM should have cooperated with Scattered Spider and paid the ransom.
This argument is supported by the fact that MGM’s $100 million loss in third-quarter earnings is significantly higher than the $15 million paid out by an insurance carrier for Caesars.
However, the situation is complex. In the month following the attack, MGM’s stock fell approximately 20%. Yet, the stock experienced a 4.86% surge on above-average volume, possibly due to the news that the company did not comply with the ransom demand.