Did a teenager take down Vegas? Casino cyberattack shows how AI can make anyone a hacker

A child shall hack them. That’s what happened when a 15-year-old allegedly hit two massive Las Vegas casinos with a colossal cyberattack two years ago.

In a case that reads like a cyberpunk thriller, a 17-year-old from Illinois appeared in juvenile court in September 2025, accused of orchestrating the devastating 2023 cyberattacks on MGM and Caesars Entertainment when he was just 15 years old.

This isn't just a story about teenage hackers. It's a stark warning about how artificial intelligence is democratizing cybercrime and making sophisticated attacks accessible to virtually anyone.

The numbers from this attack are staggering. Caesars Entertainment reportedly paid a $15 million ransom to the attackers. MGM, on the other hand, refused to pay and suffered far greater consequences, with losses estimated between $110 million and $200 million.

The attack method was surprisingly simple yet devastatingly effective. The teenage suspect and his accomplices used social engineering—specifically "vishing" (voice phishing) — to impersonate employees and gain access to the casinos' internal systems. No sophisticated coding was required, just the ability to convince help desk staff that they were legitimate employees needing access.

What a 15-year-old allegedly did two years ago would be fairly easy for just about anybody to do now. It’s easy to impersonate a voice using AI with just a tiny sample. This case, then, demonstrates AI’s role in lowering the barriers to cybercrime. Today's AI tools can help anyone, regardless of technical skill, launch sophisticated attacks that would have required expert-level knowledge just a few years ago.

AI democratizes attack capabilities, lowering the barrier to entry for less technically skilled criminals. This is playing out in real-time with trends like:

• Ransomware automation: Groups like FunkSec are using AI to automate malware creation and rapidly develop encryption tools.
• Deepfake social engineering: AI-generated content helps attackers impersonate authority figures more convincingly.
• AI-generated phishing lures: More sophisticated and personalized attack emails are easy to create and hard to detect.

It’s no wonder how the number of ransomware attacks is skyrocketing. The casino attacks are part of a much larger trend. According to the Acronis Cyberthreats Report H1 2025, the ransomware epidemic is accelerating at an alarming pace:

• The number of publicly known ransomware victims from January 2025 to June 2025 surged by nearly 70% compared to the same period in both 2023 and 2024, totaling 3,642 claimed victims
• February 2025 marked the highest peak with 955 victims, largely driven by the Cl0p ransomware group, which was responsible for 335 cases — a 300% month-over-month increase
• The average lifetime of a malware sample in May 2025 was just 1.4 days, indicating attackers' use of automation to rapidly create new and personalized malware variants

The shift in attack vectors is equally concerning. Phishing surged to 52% of all initial attacks on managed service providers (MSPs) in H1 2025, a major shift from 30% in the same period in 2024. Attackers are increasingly exploiting human vulnerabilities rather than technical ones.

As ransomware surges in sophistication and frequency, traditional security approaches are no longer sufficient. Organizations need comprehensive, integrated protection that can adapt to AI-powered attacks.

Acronis Cyber Protect Cloud provides MSPs with the tools they need to protect their clients from ransomware and other sophisticated threats. The platform offers:

• AI-powered threat detection that can identify and stop attacks in real-time.
• Integrated backup and recovery with tamper-proof storage to ensure rapid restoration.
• Advanced endpoint protection that goes beyond traditional antivirus.
• Email and collaboration app security to protect against phishing and social engineering.
• Comprehensive monitoring of all client environments from a single dashboard.

The key advantage is native integration. Rather than managing multiple point solutions, MSPs can deploy a unified platform that provides layered protection while simplifying management, all with a single console for control.

Acronis Cyber Protect helps businesses protect themselves with capabilities including:

• Behavioral analysis to detect subtle attack patterns and AI-generated threats.
• Zero-trust security models that verify every access request.
• Automated incident response that can contain threats before they spread.
• Regular vulnerability scanning and patch management.
• User education and training to build human firewalls against social engineering.

The casino cyberattack serves as a wake-up call about a new digital reality. When a teenager can allegedly bring down major corporations, just about anybody using AI-assisted tools and basic social engineering can target any organization.

Organizations need to assume they or their clients will be attacked and focus on detection, response and recovery. They need solutions that can adapt to AI-powered attacks. In the age of AI-powered cybercrime, no organization is too big to fall, and no attacker is too young to succeed. The only defense is to be prepared, protected and ready to respond when the inevitable attack comes.