My thanks to Kolide for sponsoring Six Colors again this week.
You might have heard about the September 2023 MGM ransomware attack. But beyond the broken slot machines and other anecdotes is the fact that it’s an example of an emerging style of attack that we’ll certainly be seeing more of.
The dominant narrative has been that a single phone call hacked MGM, but that help desk worker was set up to fail by MGM’s weak ID verification protocols. And there’s another factor that could have stopped the hackers in their tracks: it’s all about the device you’re reading this on.
To read more of what Kolide learned when they researched the MGM hack (like how hacker groups get their names, the worrying gaps in MGM’s security, and why device trust is the real core of the story), check out the Kolide Blog.