Additional Coverage:
- A notorious hacker group is now targeting the aviation industry, the FBI says (businessinsider.com)
Cybercrime Group Targets Airline Industry
The FBI has issued a warning about Scattered Spider, a cybercriminal group targeting the US and Canadian aviation industries. The group uses sophisticated social engineering tactics, often impersonating employees or contractors, to trick IT help desks into granting them access to sensitive data. They then frequently deploy ransomware and extort their victims.
Scattered Spider has a history of high-profile attacks. In 2023, they successfully breached the systems of both MGM Resorts and Caesars Entertainment within a single week.
Their current focus appears to be large corporations and their third-party IT providers within the airline ecosystem. This means anyone connected to the industry, including vendors and contractors, could be vulnerable.
The FBI emphasizes that Scattered Spider’s activities do not appear to impact airline safety. However, the agency urges companies to strengthen their IT help desk verification procedures, particularly regarding multi-factor authentication (MFA). They recommend increased scrutiny before adding new devices to MFA, resetting passwords, or providing any employee information that could be exploited in subsequent attacks.
Cybersecurity experts echo the FBI’s concerns. Mandiant, a Google Cloud subsidiary, and Unit 42, part of Palo Alto Networks, have both observed Scattered Spider targeting the aviation sector. They advise organizations to be vigilant against sophisticated social engineering attacks and suspicious MFA reset requests.
Recent cybersecurity incidents at WestJet and Hawaiian Airlines, while not definitively linked to Scattered Spider, highlight the vulnerability of the industry. Both airlines experienced disruptions to their internal systems, though they maintain that flight operations remain unaffected. Southwest Airlines has confirmed that its systems have not been compromised.
Read More About This Story:
- A notorious hacker group is now targeting the aviation industry, the FBI says (businessinsider.com)