UK teen arrested for alleged role in MGM Resorts cyberattack

The suspect was released on bail as investigations continue

UK teen arrested for alleged role in MGM resorts cyberattack

Image:
UK teen arrested for alleged role in MGM resorts cyberattack

A 17-year-old boy from Walsall has been arrested in connection with the September 2023 cyberattack that crippled MGM Resorts for several days.

The West Midlands Police, working alongside the FBI and the National Crime Agency (NCA), apprehended the teenager on Thursday, 18th July, on suspicion of violating the UK's Computer Misuse Act and blackmail offenses.

Authorities believe the teenager was a member of a hacking group that used ransomware attacks against prominent companies, including MGM Resorts in the United States.

Following the arrest, officers seized a number of digital devices from the Walsall residence for forensic examination.

According to the West Midlands Police, the suspect was released on bail as investigations continue.

The online attack, which disrupted resorts and casinos operated by MGM Resorts across the US in September, was orchestrated by a cybercrime group skilled in impersonation and malware deployment.

Hackers employed deceptive phone calls to target both employees and help desks as part of their phishing operations to obtain login credentials.

A representative for the cybercrime gang Scattered Spider (or UNC3944) told TechCrunch that it was responsible for the cyberattack on MGM.

The group reportedly employed ransomware developed by ALPHV, also known as BlackCat, which is a ransomware-as-a-service operation.

"Today's arrest is a testimony to the strength of the FBI's domestic, international, and private sector partnerships," Bryan Vorndran, Assistant Director of FBI's Cyber Division, said.

"The FBI, in coordination with its partners, will continue to relentlessly pursue malicious actors who target American companies, no matter where they may be located or how sophisticated their techniques are."

However, a Reuters report from last year revealed that the FBI may have been aware of the potential attackers for six months prior to the breach.

The report further claimed the agency "struggled" to prevent the attack despite potentially knowing the identities of "at least a dozen members" of the group.

Detective Inspector Hinesh Mehta, Cyber Crime Unit Manager at ROCUWM, West Midlands Police, said these cybercriminals have successfully targeted multiple victims around the world taking from them significant amounts of money.

"We want to send out a clear message that we will find you. It's simply not worth it."

MGM Resorts said they were "proud to have assisted law enforcement in locating and arresting one of the alleged criminals responsible for the cyber attack."

Microsoft applauded the successful operation, stating that such operations send a strong message to cybercriminals that "there will be consequences for your actions".

"Microsoft commends law enforcement for taking action against those that seek to cause harm, and we remain committed to collaborating with others across the public and private sector to collectively combat cyber threats and make the Internet a safer place," the company added.

The investigation is ongoing, and further arrests are possible.