Among the many indignities of aging is the sudden inability to instantly recall names and words that once came easily. It’s one of the primary reasons I write this blog: to exercise my mind and prevent my reasoning and argumentative skills from atrophying, much like I religiously go to the gym to fight off musculature and skeletal decline. Use it, or lose it, as the saying goes.
Another recurring fear is reading a news story and thinking I’ve lost my ability to easily understand its meaning and significance. I had such a moment this past weekend, reading about the arrest of a 17-year-old who two years ago was allegedly part of a cyber gang that brought MGM Resorts to its knees and cost it some $115 million. Other casinos were also targeted.
That means the kid was all of 15 when he committed his crime, which he reportedly admitted to after turning himself in. However, police have yet to recover $1.8 million in ransom the kid and his crew allegedly shook down from casinos desperate to regain control of their IT networks.
I read the story multiple times to ensure I understood it correctly. I definitely did.
Along Came a Spider
Las Vegas prides itself on being the city that never sleeps, but for a few terrifying days in September 2023, it was the slot machines and reservation systems that were disabled.
A ransomware gang known as Scattered Spider breached MGM Resorts International’s systems, forcing the casino giant to shut down everything from digital room keys to ATMs. Guests couldn’t check in, restaurants couldn’t process credit cards, and high rollers couldn’t even get their comps comped. The Strip, usually defined by its neon dazzle, was instead mired in IT paralysis.
The hack turned into one of the costliest cyberattacks in U.S. hospitality history, with MGM ultimately disclosing more than $115 million in losses. That figure doesn’t include the reputational damage of seeing an enterprise built on security and spectacle humbled by hackers believed by cyber experts to be barely out of high school. Caesars Entertainment was hit at the same time and reportedly paid off the attackers, but MGM tried to tough it out — and paid the bigger price.
What makes this story more than a Vegas sideshow is what it reveals about corporate cybersecurity in America. Las Vegas casinos were long famed for their vigilance of cheats. Recall the classic scene in The Cooler, where Alec Baldwin plays a casino boss who discovers a cheat trying to pocket $150,000. A more realistic modern-day movie would be Revenge of the Nerds in Las Vegas, where the casino managers are the ones getting digitally roughed up.
The 17-year-old cybercriminal wasn’t identified because he’s a minor, although prosecutors want to try him as an adult on charges of extortion and conspiracy, which could put the kid behind bars for quite some time.
CISA for Kids
Frankly, I’d consider it a waste of the kid’s impressive IT talents. Better to sentence him to ten years as head of the Cybersecurity and Infrastructure Security Agency (CISA) — the U.S. agency supposedly responsible for defending the nation’s critical infrastructure.
Based on the state of things, CISA could definitely use the help.
The New York Times this past weekend also published a cybercrime story so remarkable I read it twice. It included a detail about China’s hacking capabilities that should alarm every American.
The publication reported on a years long intrusion by hackers collectively called Salt Typhoon, allegedly tied to China’s communist government. The Times reported that Salt Typhoon may have stolen information about nearly every American and targeted dozens of countries. The stolen data could let Chinese intelligence “identify and track their targets’ communications and movements around the world.”
The Times’ bombshell report reaffirmed what a cybersecurity expert once told me: China is believed to already possess the health records of most Americans. The expert said U.S. hospitals are such losers at cybersecurity that their systems are often hacked for months without detection.
According to the Times, China has become so sophisticated that U.S. officials were alarmed in 2023 to discover Chinese state hackers had infiltrated critical infrastructure with malicious code capable of wrecking power grids, communications systems, and water supplies. The threat was so serious that CIA Director William J. Burns made a secret trip to Beijing to confront his counterpart. Burns warned there would be “serious consequences” if Beijing unleashed the malware.
China apparently wasn’t fazed.
Firewall Follies
In yet another story that boggled my mind but received scant attention: federal agencies are racing to contain a new wave of sophisticated hacking by suspected Chinese attackers exploiting flaws in Cisco’s networking equipment.
CISA issued a rare emergency directive, ordering civilian agencies to test Cisco firewall equipment before midnight last Friday and disconnect compromised devices. Hundreds of vulnerable devices were identified in federal networks, some protecting critical infrastructure.
It’s a wonder, at least to me, that government and IT security chiefs still need to be reminded to check if their systems have been breached. Apparently, they do.
No Shame
What’s truly alarming is that Cisco hasn’t suffered reputational damage for selling shoddy firewall equipment that compromised U.S. security. Goldman Sachs considers Cisco one of the best value stocks, and Bank of America Securities recently reiterated a Buy rating.
Cisco’s management has had other priorities. The company once promised to be the backbone of the internet, but it has become the backbone of Wall Street’s wealth transfer machine: stock buybacks. Over the past decade, Cisco has poured tens of billions into repurchasing its own shares, including another $15 billion earlier this year.
The result? Inflated earnings-per-share metrics and cash funneled to executives and investors — while peddling firewall equipment no match for Beijing’s hackers.
Meanwhile, President Trump earlier this year proposed cutting $495 million and nearly 30% of positions from CISA, gutting programs meant to counter these very threats. Among those axed by Elon Musk’s so-called DOGE warriors were employees hired to build expertise on emerging threats — including one leading the Salt Typhoon investigation.
Biden’s CISA director Jen Easterly, for her part, prided herself on prioritizing women and minority hires. Noble perhaps, but not much help when China is embedding kill switches in America’s grid.
Ctrl-Alt-Nuke
I’ve grown so cynical about U.S. cybersecurity that I honestly wonder if Trump ever tried to activate the nuclear codes whether the missiles would actually launch. I can imagine him staring at a Microsoft error message instructing him to call an 800 number connecting to a Chinese call center “experiencing unusually heavy call volume.”
Think that’s hyperbolic? Think again.
ProPublica reported Microsoft used China-based engineers to maintain government defense systems for nearly a decade — a practice that left some of America’s most sensitive data exposed. U.S.-based “digital escorts” were supposed to supervise them but lacked the expertise to oversee engineers with far more advanced technical skills.
According to the Times’ report, China’s tech companies are required to put national interests ahead of their own and immediately alert the government about exploitable flaws and weak spots in computer systems. China’s leader, Xi Jinping, reportedly has upgraded the talent of the country’s government-sponsored hackers.
Meanwhile, America’s tech leaders and companies have moved to weaken the country’s cybersecurity defenses and even assigned Chinese nationals to work on them.
In Beijing, hacking and cybersecurity is a national mission. In America, it doesn’t appear to even register as an afterthought.