news 
FBI, cybersecurity firms say a prolific hacking crew is now targeting airlines and the transportation sector
The Federal Bureau of Investigation (FBI) has issued a warning alongside cybersecurity firms Mandiant and Unit 42, stating that a notorious hacking group known as Scattered Spider is shifting its attention to target the airline industry and broader transportation sector.
According to the FBI’s statement, the agency has “recently observed” cyberattacks bearing the hallmark of Scattered Spider, which includes attempting to breach the networks of airlines, their third-party IT providers, and any other organizations within the sector. This warning serves as a stark reminder that no entity is immune from the relentless pursuit of these financially motivated hackers.
Scattered Spider, composed primarily of English-speaking hackers, typically in their teenage years or early twenties, has gained notoriety for its aggressive tactics. These include using social engineering, phishing, and threats of violence to gain access to vulnerable networks. Once inside, they deploy ransomware and steal sensitive data before demanding exorbitant sums from victims.
The FBI’s advisory warns that this hacking group is not limited in their targets, and anyone within the airline ecosystem – including trusted vendors and contractors – could be at risk. This development comes as multiple airlines have already reported instances of cyberattacks this month alone. Hawaiian Airlines has confirmed it is working to secure its systems following an intrusion, while WestJet, Canada’s second-largest airline, remains under attack after initially reporting a breach on June 13.
In recent months, Scattered Spider has expanded its reach beyond the confines of the retail and insurance sectors. The group’s activities have seen them infiltrate hotel chains, casinos, and major technology companies.
As concerns grow about the potential impact of these cyberattacks on air travel safety, cybersecurity experts urge organizations within the industry to remain vigilant and swiftly address any suspicious activity.
Source: techcrunch.com
