CyberSecurity news
FlagThis
Zack Whittaker@techcrunch.com
//
The FBI and cybersecurity firms are issuing warnings about the cybercrime group Scattered Spider, which has recently shifted its focus to targeting airlines and the transportation sector. According to a statement released by the FBI and reported by TechCrunch, recent cyberattacks resembling those of Scattered Spider have been observed within the airline sector. Cybersecurity experts from Google's Mandiant and Palo Alto Networks' Unit 42 have also confirmed witnessing Scattered Spider attacks targeting the aviation industry. This shift in focus comes after the group recently targeted the U.K. retail and insurance industries, and previously, tech companies.
Scattered Spider is known to employ social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access. These techniques frequently involve bypassing multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts. The FBI warns that Scattered Spider targets large corporations and their third-party IT providers, meaning any organization within the airline ecosystem, including trusted vendors and contractors, could be at risk. Unit 42 has also warned that organizations should be on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests.
Once inside a system, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware. The FBI is actively working with aviation and industry partners to address this activity and assist victims. The agency emphasizes the importance of early reporting, as it allows the FBI to engage promptly, share intelligence across the industry, and prevent further compromise. The recent attacks on the airline sector follow reported intrusions at Hawaiian Airlines and WestJet, with media reports linking the WestJet incident to Scattered Spider. The FBI recommends quickly reporting incidents to allow them to act fast, share intelligence, and limit damage.
ImgSrc: techcrunch.com
References :
Scattered Spider is known to employ social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access. These techniques frequently involve bypassing multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts. The FBI warns that Scattered Spider targets large corporations and their third-party IT providers, meaning any organization within the airline ecosystem, including trusted vendors and contractors, could be at risk. Unit 42 has also warned that organizations should be on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests.
Once inside a system, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware. The FBI is actively working with aviation and industry partners to address this activity and assist victims. The agency emphasizes the importance of early reporting, as it allows the FBI to engage promptly, share intelligence across the industry, and prevent further compromise. The recent attacks on the airline sector follow reported intrusions at Hawaiian Airlines and WestJet, with media reports linking the WestJet incident to Scattered Spider. The FBI recommends quickly reporting incidents to allow them to act fast, share intelligence, and limit damage.
ImgSrc: techcrunch.com
Share:
References :
- Zack Whittaker: Mandiant and Unit 42 say Scattered Spider attacks now targeting airlines and the transportation industry, the latest sector after recently hitting U.K. retail, insurance, and before that, tech companies.
- securityaffairs.com: The FBI warns that Scattered Spider is now targeting the airline sector.
- techcrunch.com: FBI, cybersecurity firms say a prolific hacking crew is now targeting airlines and the transportation sector
- Zack Whittaker: New: Mandiant and Unit 42 say Scattered Spider attacks now targeting airlines and the transportation industry, the latest sector after recently hitting U.K. retail, insurance, and before that, tech companies.
- techcrunch.com: Prolific cybercrime gang now targeting airlines and the transportation sector
- cyberscoop.com: Hawaiian Airlines announced a cybersecurity incident Friday as security experts warned of a sector-wide threat.
- The Hacker News: The U.S. Federal Bureau of Investigation (FBI) has revealed that it has observed the notorious cybercrime group Scattered Spider broadening its targeting footprint to strike the airline sector.
- Threats | CyberScoop: Scattered Spider strikes again? Aviation industry appears to be next target for criminal group
- Risky.Biz: Risky Bulletin: Scattered Spider goes after aviation sector
- Risky Business Media: Risky Bulletin: Scattered Spider targets the aviation sector
- Metacurity: Airlines, transportation sector are Scattered Spider's latest targets
- www.itpro.com: The Scattered Spider hacker group has a new industry in its crosshairs
Classification:
- HashTags: #Cybersecurity #ScatteredSpider #AirlineCybersecurity
- Company: Airline sector
- Target: Airlines
- Attacker: Scattered Spider
- Feature: Social Engineering
- Type: Hack
- Severity: Medium