Cybersecurity experts have issued urgent warnings that the notorious hacking collective, known as Scattered Spider, is actively targeting airlines and other companies within the transportation sector.
Security analysts from Google’s cybersecurity unit Mandiant and Palo Alto Networks’ Unit 42 research division indicated that recent cyberattacks on aviation companies bear the hallmark techniques of the Scattered Spider group.
Scattered Spider, predominantly composed of English-speaking hackers in their teens and early twenties, specializes in financial theft and extortion by infiltrating and extracting sensitive corporate data. The group is particularly recognized for aggressive social engineering practices, phishing tactics, and occasionally making threats of violence directed at customer help desks and call centers to gain network access.
The alarm comes at a time when several airlines have reported significant security breaches. Hawaiian Airlines confirmed a cyberattack late Thursday and is presently engaged in efforts to safeguard its IT systems. Earlier this month, Canada’s second-largest airline, WestJet, also disclosed an ongoing cyberattack first reported on June 13, which remains unresolved. Media reports have pointed to Scattered Spider as the likely attackers behind the WestJet intrusion.
This recent wave of attacks marks an expansion in Scattered Spider’s targeting patterns, following significant recent operations against the retail industry in the UK and insurance companies. The group has previously breached networks at prominent hotel chains, casino operators, and major technology corporations.
