Latest news with #ScatteredSpider
Al Arabiya
3 hours ago
- Business
- Al Arabiya
Tech firms warn ‘Scattered Spider' hacks are targeting aviation sector
Tech companies Google and Palo Alto Networks are sounding the alarm over the 'Scattered Spider' hacking group's interest in the aviation sector. In a statement posted on LinkedIn on Friday, Sam Rubin, an executive at Palo Alto's cybersecurity-focused Unit 42, said his company had 'observed Muddled Libra (also known as Scattered Spider) targeting the aviation industry.' In a similar statement, Charles Carmakal, an executive with Alphabet-owned Google's cybersecurity-focused Mandiant unit, said his company was 'aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider.' Neither executive identified which specific companies had been targeted, but Alaska Air Group-owned Hawaiian Airlines and Canada's WestJet have both recently reported being struck by unspecified cyber incidents. Neither company has gone into detail about the intrusions or commented on any potential links between the incidents and Scattered Spider. The loose-knit but aggressive hacking group, alleged to at least in part comprise youngsters operating in Western countries, has been blamed for some of the most disruptive hacks to hit the United States and Europe in recent memory. In 2023, hackers tied to the group broke into gaming companies MGM Resorts and Caesars Entertainment, partially paralyzing casinos and knocking slot machines out of commission. Earlier this year, the group wreaked havoc at British retailers. More recent targets include the US insurance industry.
Forbes
3 hours ago
- Business
- Forbes
FBI Warning Issued As 2FA Bypass Attacks Surge — Act Now
The FBI issues Scattered Spider attack warning. When the Federal Bureau of Investigation issues a cybersecurity alert, you would be well advised to pay attention and take action. Whether that's involving malicious SMS messages, AI-powered phishing attacks, or, as I recently reported, the skyrocketing number of ransomware threats. And ransomware is the subject of this latest, critical, warning from the FBI. This time involving the Scattered Spider threat group which has made headlines after taking responsibility for multiple retail sector attacks including that against Marks & Spencer in the U.K. which is estimated to have cost the high street chain at least $600 million. Now the group is targeting the airline industry, the FBI has warned, both directly and through the entire supply chain. Here's what you need to know. FBI Confirms Scattered Spider Attacks Targeting Transportation A June 26 report from ransomware analysts at Halcyon warned that there were 'indications that Scattered Spider is also now targeting the Food, Manufacturing, and Transportation (particularly Aviation) sectors in the US.' This has now been confirmed by the FBI which provided a statement to me by email that said: 'The FBI has recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector.' The statement continued to confirm that the ransomware group is using the same methods during this surge of attacks into new sectors, namely 'social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access.' Specifically, Scattered Spider looks to bypass mutli-factor authentication, commonly referred to as MFA or 2FA, by using various methods to get those help desks to 'add unauthorized MFA devices to compromised accounts.' Scattered Spider has been on the FBI radar for a number of years, with a joint cybersecurity advisory alongside the Cybersecurity and Infrastructure Security Agency published in 2023 in response to what it described as 'activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors.' The FBI told me that it is currently actively working with aviation and industry partners 'to address this activity and assist victims,' and urged anyone who thinks their organization may have been targeted to contact their local FBI office. In the meantime, beware of anyone asking for unauthorized 2FA devices to be added to accounts and follow established security processes and procedures to the letter, no matter what the person making the request may say.
Time of India
9 hours ago
- Business
- Time of India
Tech firms warn 'Scattered Spider' hacks are targeting aviation sector
Academy Empower your mind, elevate your skills Tech companies Google and Palo Alto Networks are sounding the alarm over the "Scattered Spider" hacking group's interest in the aviation a statement posted on LinkedIn on Friday, Sam Rubin, an executive at Palo Alto's cybersecurity-focused Unit 42, said his company had "observed Muddled Libra (also known as Scattered Spider) targeting the aviation industry."In a similar statement, Charles Carmakal, an executive with Alphabet-owned Google's cybersecurity-focused Mandiant unit , said his company was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider."Neither executive identified which specific companies had been targeted, but Alaska Air Group-owned Hawaiian Airlines and Canada's WestJet have both recently reported being struck by unspecified cyber company has gone into detail about the intrusions or commented on any potential links between the incidents and Scattered loose-knit but aggressive hacking group, alleged to at least in part comprise youngsters operating in Western countries, has been blamed for some of the most disruptive hacks to hit the United States and Europe in recent 2023, hackers tied to the group broke into gaming companies MGM Resorts and Caesars Entertainment, partially paralyzing casinos and knocking slot machines out of this year, the group wreaked havoc at British retailers. More recent targets include the U.S. insurance industry.
CNBC
11 hours ago
- Business
- CNBC
North American airlines targeted by cyberattacks
At least two North American airlines have been victims of criminal hackers recently as cybersecurity companies warn that a notorious cybercriminal group has been targeting the aviation industry. Westjet and Hawaii Airlines both said in June statements that they are responding to cyberattacks. American Airlines also experienced a tech issue on Friday, though it's unclear if it was related or caused in any way by hackers. "A technology issue is affecting connectivity for some of our systems and we are working with our partners to fully resolve the issue," an American Airlines spokesperson said in a statement. "Though we are experiencing delays as a result, we have not canceled any flights at this time." Cybersecurity companies that work directly with companies hit by hackers usually refrain from talking about specific victims, citing nondisclosure agreements. But both Google and Palo Alto Networks said Friday that they have observed a particularly effective cybercriminal group, nicknamed Scattered Spider by the cybersecurity industry, that tries to hack companies involved in aviation. Scattered Spider is a loosely affiliated group of young, mostly English-speaking men who are extremely adept at sweet-talking their way into sensitive computer access at large companies. From there, they often hand that access to outside cybercriminals who install ransomware — malicious software that locks up computers, rendering them inoperable — and then demand an extortion payment. The group has been tied to attacks on Las Vegas casinos in 2023 and British department stores earlier this year. After Google warned that Scattered Spider was targeting American retailers, a cyberattack hobbled a top Whole Foods supplier, leading to empty shelves across the country. Charles Carmakal, the chief technology officer of Mandiant, Google's cloud security company, said in an emailed statement that it was tracking "multiple incidents in the airline and transportation sector" where Scattered Spider had broken in. "We are still working on attribution and analysis, but given the habit of this actor to focus on a single sector we suggest that the industry take steps immediately to harden systems," he said. Details on the effects of the attacks on airlines are still sparse. A WestJet spokesperson told NBC News in an email that the company first noticed it had been hacked on June 13 and has made "significant progress" to resolve it. Hawaiian Airlines said in a Friday filing with the Securities and Exchange Commission that it discovered on Monday that it had been hacked and that "Flights are currently operating safely and as scheduled." Neither company responded to questions about whether any flights had been canceled or delayed because of the attacks.
Yahoo
12 hours ago
- Business
- Yahoo
Prolific cybercrime gang now targeting airlines and the transportation sector
Cybersecurity firms are warning that the prolific hacking group known as Scattered Spider is now targeting airlines and the transportation sector. Executives from Google's cybersecurity unit Mandiant and Palo Alto Networks' security research division Unit 42 say they have observed cyberattacks targeting the aviation industry resembling Scattered Spider. Scattered Spider is a collective of mostly English-speaking hackers, typically teenagers and young adults, who are financially motivated to steal and extort sensitive data from company networks. The hackers are also known for their deception tactics, which often rely on social engineering, phishing, and sometimes threats of violence toward company help desks and call centers to gain access to their networks. The warning comes as at least two airlines have reported intrusions this month. Hawaiian Airlines said late Thursday that it was working to secure its systems following a cyberattack. Canada's second largest airline, WestJet, reported a cyberattack on June 13 that remains ongoing and unresolved. Media reports have linked the WestJet incident to Scattered Spider. This fresh wave of Scattered Spider attacks comes soon after the cybercriminal gang targeted the U.K. retail sector and the insurance industry. The hackers have previously broken into hotel chains, casinos, and technology giants.
