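% Beamer talk on the September 2023 MGM Resorts incident.
% Each frame is followed by a \note block of speaker notes; the notes are
% typeset on a second screen to the right of the audience slides.
\documentclass[notes]{beamer}

\usetheme{Berlin}

\usepackage{graphicx}
\usepackage{hyperref}
% The two-screen notes layout selected below is built with pgfpages.
\usepackage{pgfpages}

\setbeameroption{show notes on second screen=right}
\hypersetup{colorlinks=true, urlcolor=blue}

\title[]{How a Simple LinkedIn Search Took Down a Multi-Billion-Dollar Casino Enterprise}
\author[]{Aidan Sharpe}

\begin{document}

\frame{\titlepage}

\note
{
  Slides with a gray background, appearing in this right-hand column, are
  speaker notes slides.
  The audience would only ever see the slides in the other column, with a
  white background.
  This gives the speaker access to additional information, key points, and
  sources for those points.
  Both the speaker notes and the presentation content should be taken into
  account.
}

\begin{frame}{The Victims}
  \begin{figure}
    \centering
    \includegraphics[width=0.45\textwidth]{MGM_Resorts_website_down.png}
    \caption{A screenshot of the MGM Resorts website following the attacks}
  \end{figure}
\end{frame}

\note[itemize]
{
  \item Hackers took MGM Resorts offline in mid-September of this year (2023).
  \item According to Forbes --- \emph{Inside The Ransomware Attack That Shut
    Down MGM Resorts}, the attack ``wreaked havoc on MGM's operations,
    forcing guests to wait hours to check in and crippling electronic
    payments, digital key cards, slot machines, ATMs and paid parking
    systems.''
}

\begin{frame}{Social Engineering with LinkedIn}
  \begin{figure}
    \centering
    \includegraphics[width=0.35\textwidth]{LinkedIn-People.png}
    \caption{LinkedIn gives everyone easy access to employee information}
  \end{figure}
\end{frame}

\note[itemize]
{
  \item LinkedIn allows anyone to see a company's employees and their
    positions.
  \item Posing as an employee, the hackers contacted a help desk to obtain
    login credentials or one-time codes, according to Reuters ---
    \emph{MGM Resorts breached by `Scattered Spider' hackers: sources}.
  \item Once the hackers obtained IT credentials, they had access to anything
    that IT personnel had access to.
    IT staff usually have fairly extensive privileges.
  \item Such broad privileges are what allowed the attackers to cause
    tremendous damage.
}

\begin{frame}{The Damages}
  \begin{itemize}
    \item Likely ransomware attack
    \item Widespread network outages
    \item Digital payment systems and slot machines down
    \item Rough figures put damages over \$40 million
  \end{itemize}
\end{frame}

\note[itemize]
{
  \item Due to the ``high visibility of the disruption'', the attack was
    likely ransomware.
    Ransomware leads to system outages, data loss, and ultimately revenue
    loss.
  \item According to Forbes --- \emph{2 Casino Ransomware Attacks: Caesars
    Paid, MGM Did Not}, at the time of writing, the MGM website had been down
    for about 85 hours.
  \item According to Forbes --- \emph{Inside The Ransomware Attack That Shut
    Down MGM Resorts}, the affected properties had revenues of about
    \$13 million per day.
  \item Rough check: about 85 hours is roughly 3.5 days, and 3.5 days at
    about \$13 million per day is on the order of \$45 million, which is
    consistent with the ``over \$40 million'' on the slide.
    This is a lost-revenue estimate only, and it assumes the properties were
    affected for as long as the website was down.
}

\begin{frame}{Hackers}
  \begin{itemize}
    \item Group was unclear at first
    \item Scattered Spider initially given credit
    \item ALPHV / Black Cat claimed responsibility
  \end{itemize}
\end{frame}

\note[itemize]
{
  \item Initially it seemed like sources disagreed on the group behind the
    attack, but it was the complexity of the hacking world that led to the
    confusion.
  \item Prior to the MGM attack, another casino enterprise, Caesars, was hit
    with ransomware and paid the ransom.
    The group behind this attack was Scattered Spider (UNC3944), according to
    Reuters.
  \item When MGM was attacked, Scattered Spider was a top suspect, but the
    affiliated group, ALPHV / Black Cat, claimed responsibility, according to
    Forbes.
    The attribution here rests on press reports and on the group's own claim.
}

\begin{frame}{Lessons Learned}
  \begin{columns}
    \column{0.5\textwidth}
    \begin{itemize}
      \item Employee identity verification
      \item Effective attacks can be simple
      \item Back up everything!
    \end{itemize}
    \column{0.5\textwidth}
    \includegraphics[width=0.9\textwidth]{HDD_Drive_Locked.jpg}
  \end{columns}
\end{frame}

\note[itemize]
{
  \item Taking privileges away from IT makes the job of IT unreasonably
    difficult, so the control has to sit at the point where credentials are
    handed out.
    Implementing an employee identity verification process for help-desk
    requests helps ensure that credentials and one-time codes are only given
    to authorized people.
    The check should not rely on details that anyone can look up, such as a
    name and job title on LinkedIn.
  \item Another important takeaway is that social engineering attacks do not
    have to be complex to be effective.
    Allocating resources to prevent social engineering attacks with proper
    protocols makes simple attacks a lot more difficult.
  \item Ransomware attacks usually result in tremendous data loss.
    If proper isolated backup systems are put into place, the amount of data
    loss can be reduced drastically.
    Backups only help if they are kept separate from the production network
    and restores are tested.
}

\begin{frame}{References}
  \begin{itemize}
    \item Forbes --
      \href{https://www.forbes.com/sites/suzannerowankelleher/2023/09/13/ransomware-attack-mgm-resorts/?sh=3db6d84d5f38}{Inside The Ransomware Attack That Shut Down MGM Resorts}
    \item Forbes --
      \href{https://www.forbes.com/sites/suzannerowankelleher/2023/09/14/2-casino-ransomware-attacks-caesars-mgm/}{2 Casino Ransomware Attacks: Caesars Paid, MGM Did Not}
    % NOTE(review): the slug of the URL below ("moodys-says-breach-mgm-is-
    % credit-negative-disruption-lingers") does not match the linked
    % headline; confirm the link points to the cited article.
    \item Reuters --
      \href{https://www.reuters.com/technology/moodys-says-breach-mgm-is-credit-negative-disruption-lingers-2023-09-13/}{MGM Resorts breached by `Scattered Spider' hackers: sources}
  \end{itemize}
\end{frame}

\end{document}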