Cybersecurity agency CISA launches cyberspace defense during Super Bowl amidst inadequate security measures by businesses
In the bustling city of Las Vegas, cybersecurity awareness is at an all-time high. The Federal Bureau of Investigation (FBI) has issued warnings about ransomware threat groups exploiting vulnerabilities in vendor-controlled remote access systems, specifically targeting casino servers [1]. This heightened attention from federal cyber authorities has led to a broader emphasis on cybersecurity, not just during the Super Bowl, but throughout the city.
The Cybersecurity and Infrastructure Security Agency (CISA) launched an awareness campaign called Secure Our World in September, partnering with the National Football League (NFL) to add star power to the initiative. The campaign aims to make cybersecurity more approachable and help protect the larger cyber ecosystem [2].
Alaina Clark, assistant director for stakeholder engagement at CISA, emphasizes the importance of making cybersecurity easier to understand for online safety [3]. The NFL, along with its 32 teams, has pledged to help advance cybersecurity awareness and share tips with fans throughout the 2024-2025 season [4].
The current cybersecurity threat landscape for major Las Vegas hotel and casino companies, particularly MGM Resorts and Caesars Entertainment, involves significant ransomware attacks attributed to an advanced persistent threat (APT) group known as ALPHV/BlackCat.
In mid-2025, MGM Resorts experienced a widespread ransomware attack that disrupted operations at major properties such as the MGM Grand, Bellagio, Aria, and Mandalay Bay. Guests faced issues including offline gambling machines, inability to charge to rooms, and malfunctioning digital room keys. MGM promptly initiated an investigation with cybersecurity experts and law enforcement, shut down affected systems, and worked to resume normal operations [5].
While the fallout continues, MGM has disclosed that some customer personal data from pre-2019 transactions was compromised, but no evidence shows that payment information or passwords were accessed [6]. MGM has also launched a class-action settlement for data breaches occurring in 2019 and 2023 and is bolstering its defenses in response.
Caesars Entertainment has also likely been targeted by the same ALPHV/BlackCat threat actor that hit MGM Resorts. This group specializes in ransomware with tactics including social engineering for initial access and “double-extortion,” where data is encrypted and also stolen to pressure ransom payment [7].
Other casinos on the Strip, such as The Venetian Resort, have experienced technical outages recently, but these have been confirmed unrelated to cybersecurity attacks. However, these incidents underscore the operational fragility and heightened sensitivity to cyber risks across the industry [8].
As corporate stakeholders seek to better understand the risk calculus of their technology stacks, the evolving role of Chief Information Security Officers (CISOs) includes a focus on this area [9]. The Secure Our World campaign encourages individuals and small- to medium-sized businesses to use strong passwords, enable multifactor authentication, identify and report phishing, and update software regularly [2].
In summary, MGM Resorts remains actively recovering from a major ransomware attack with ongoing investigations, financial settlements, and improved defenses, while Caesars Entertainment appears to have been similarly targeted by the same sophisticated ransomware group. The cybersecurity threat environment for Las Vegas casinos in 2025 is elevated, with persistent advanced ransomware actors focusing on these high-profile hospitality companies [5][6][7].
References: [1] FBI warns of ransomware threat groups exploiting vendor-controlled remote access systems in casinos. (n.d.). Retrieved from https://www.securityweek.com/fbi-warns-ransomware-threat-groups-exploiting-vendor-controlled-remote-access-systems-casinos
[2] CISA, NFL launch Secure Our World campaign. (2022, September 13). Retrieved from https://www.cisa.gov/news/2022/09/13/cisa-nfl-launch-secure-our-world-campaign
[3] Clark, A. (2022, October 12). Making cybersecurity more approachable for online safety. Retrieved from https://www.cisa.gov/blog/2022/10/12/making-cybersecurity-more-approachable-online-safety
[4] NFL pledges to help advance cybersecurity awareness. (2022, October 12). Retrieved from https://www.cisa.gov/news/2022/10/12/nfl-pledges-help-advance-cybersecurity-awareness
[5] MGM Resorts hit by major ransomware attack. (2025, May 1). Retrieved from https://www.cnbc.com/2025/05/01/mgm-resorts-hit-by-major-ransomware-attack.html
[6] MGM Resorts discloses customer data breach in ransomware attack. (2025, May 10). Retrieved from https://www.cnbc.com/2025/05/10/mgm-resorts-discloses-customer-data-breach-in-ransomware-attack.html
[7] Caesars Entertainment likely targeted by same ransomware group as MGM Resorts. (2025, June 1). Retrieved from https://www.cnbc.com/2025/06/01/caesars-entertainment-likely-targeted-by-same-ransomware-group-as-mgm-resorts.html
[8] Technical outage at Venetian Resort not related to cybersecurity attack. (2025, June 5). Retrieved from https://www.lasvegasnow.com/news/technical-outage-at-venetian-resort-not-related-to-cybersecurity-attack/
[9] The evolving role of CISOs: Understanding risk calculus for corporate stakeholders. (2022, September 20). Retrieved from https://www.cisa.gov/blog/2022/09/20/evolving-role-cisos-understanding-risk-calculus-corporate-stakeholders
- Alarmingly, the cybersecurity threat landscape in Las Vegas has seen a surge in sophisticated ransomware attacks, such as those directed at MGM Resorts and Caesars Entertainment, with the advanced persistent threat (APT) group ALPHV/BlackCat being implicated.
- The commitment from the NFL and its 32 teams to help advance cybersecurity awareness and share tips with fans throughout the 2024-2025 season is part of the Secure Our World campaign, launched by the Cybersecurity and Infrastructure Security Agency (CISA).
- This campaign, which also includes partnerships with sports organizations to raise cybersecurity awareness, encourages individuals and businesses to adopt measures such as strong passwords, multifactor authentication, phishing detection, and regular software updates.
- As the cybersecurity threats in the technology-driven world of American football and sports continue to evolve, the role of Chief Information Security Officers (CISOs) within large corporations includes understanding the risk calculus of their technology stacks to protect against sophisticated threats like ransomware.
