Report Say FBI Finding it Difficult to Bring Down Casino Hacking Group


  • BetMGM and Caesars both lost millions of dollars in the attacks
  • One explanation for the FBI moving slowly is a loss of human resources to the private sector
  • The hacking group, Scattered Spider, is spread across Western countries

The FBI is struggling to deal with a cyber-hacking criminal group that gained access to BetMGM and Caesars customer accounts and disrupted casino technology, according to cybersecurity experts.

Four individuals close to the situation shared that the FBI has known the identities of at least a dozen members of the hacking group “Scattered Spider” behind the attacks against the gaming companies for at least six months. However, no arrests have been made.

MGM lost $100 million in damages, while Caesars paid $15 million in ransom to regain control of its technology from the group, according to the Wall Street Journal.

Falling behind

The series of attacks affected all sorts of day-to-day operations at MGM and Caesars properties. Hotel key cards stopped working, slot machines went dark, and customers couldn’t cash out their accounts.

The operators were the two largest on the Vegas strip and owned a combined 16 properties. They maintained all of the required security measures and had prepared for what to do in the event of a cyberattack, yet they still weren’t ready for what came their way.

The millions of dollars in losses vaulted Scattered Spider to the top of the most-wanted online hacking group. That’s why many are questioning why no arrests have been made despite the authorities having discerned several members’ identities.

“I would love for somebody to explain it to me,” said Michael Sentonas, president of CrowdStrike, a software company working to combat the attacks.

“For such a small group, they are absolutely causing havoc,” Sentonas said in an October interview with Reuters.

Sentonas said the hackers’ identities were “known” but chose not to elaborate. He also said law enforcement was responsible for the failure to apprehend the individuals behind the attacks.

Reuters reported that sources close to the situation said the FBI had been investigating Scattered Spider for over a year but increased its focus on the group after a series of September casino attacks.

CrowdStriker, cybersecurity groups Mandiant and Paolo Alto Networks, and Microsoft are among the companies that are working to bring the group down.

The group behind it all

Security analysts have tracked victims of Scattered Spider to 230 organizations across a variety of industries, including gaming, telecoms, healthcare, financial services, and more.

IT security company ZeroFox said that the FBI is likely behind the 8 ball because of a lack of human resources. Many recent reports have suggested that law enforcement has lost a chunk of its best assets to the private sector, which often offers better pay.

Many victims of hacks are also hesitant to contact the FBI for fear of public embarrassment, a loss of its customer base, negative press, and more.

Scattered Spider is also, as the name implies, scattered, across multiple Western countries. It is composed of young adults who communicate via Telegram and Discord and often split into smaller groups to launch attacks against various companies.

The group responsible for the casino attacks is known as “Star Fraud,” which is a subset of a group that calls itself “The Com.” “The Com” threatens physical violence against victims that don’t comply and, according to Microsoft, has said the following to victims:

"If we don't get ur…login in the next 20 minutes were sending a shooter to your house (sic)."

"Ur wife is gona get shot if you dont fold it."

The gaming industry is an attractive target for criminals because companies have the ability and willingness to pay large sums of money to regain control of their systems and information.

However, paying ransoms will only increase the likelihood of future attacks, claims Stephanie Benoit-Kurtz, a University of Phoenix College of Business and Information Technology consultant. Hacking groups also have the ability to sell attacks or data retrieval to other entities.

“Now you’re talking $20 million, $30 million and even $50 million requests,” said Benoit-Kurtz. “Organized groups have started to do hacking as a service where they're gaining credentials or gaining certain things. They're monetizing it by selling it to another group.”

Grant is a sports and sports betting journalist who prides himself in his up-to-the-minute reporting on the latest events in the industry. A member of Virginia Tech’s 2021 graduating class, he has quickly put together an impressive portfolio since moving to the professional world full-time. Grant’s favorite sports to cover are basketball and both types of football (American and soccer), and he is pushing written, audio, and video content. He has been employed by companies as highly regarded as Forbes and continues on a great trajectory in the industry. When he’s not on the clock, you can find Grant at the gym, looking for adventures, or hanging out with his family.