news 
FBI, cybersecurity firms say a prolific hacking crew is now targeting airlines and the transportation sector
The FBI and cybersecurity firms are warning that a highly active hacking group known as Scattered Spider is currently focusing its efforts on airlines and the transportation sector. According to recent statements shared with TechCrunch, the FBI has observed cyberattacks similar in nature to those carried out by Scattered Spider within the airline industry.
Additionally, executives from Google’s cybersecurity unit Mandiant and Palo Alto Networks’ security research division Unit 42 have also reported witnessing Scattered Spider’s attacks targeting aviation-related businesses. This hacking group, comprised mainly of English-speaking hackers, typically teenagers and young adults, is driven by financial motives to steal and extort sensitive data from company networks.
Scattered Spider has gained notoriety for employing deception tactics in their operations, which often rely on social engineering techniques, phishing, and even threats against IT providers and help desks to gain access to targeted systems. In some instances, the group deploys ransomware as a means of further compromising their victims’ data.
The FBI’s warning highlights the potential vulnerability of companies within the airline ecosystem, including trusted vendors and contractors. This raises concerns about the safety of airlines and transportation-related businesses, particularly those that have not taken sufficient measures to protect themselves against cyber threats.
Recent reports indicate at least two airlines, Hawaiian Airlines and WestJet, have been targeted by Scattered Spider’s hackers in recent times. Hawaiian Airlines announced late Thursday that it is working diligently to secure its systems after a cyberattack, while WestJet reported a cyberattack on June 13 that remains unresolved. The FBI has linked the WestJet incident to Scattered Spider.
This fresh wave of attacks by Scattered Spider comes shortly after the group targeted the retail sector and insurance industry. Notably, they have previously breached hotel chains, casinos, and major technology companies.
Zack Whittaker is the security editor at TechCrunch.
Source: techcrunch.com
