.png)
4 months ago
8
The cybercriminal group is linked to the 2023 cyberattack on MGM Resorts, which prompted a 10-day computer shutdown for the casino giant.
WASHINGTON — A high-profile hacker group may soon begin targeting airlines, the FBI said in a new warning.
In an alert issued on Friday, federal officials said that the cybercriminal group Scattered Spider was expanding its targets to include airlines. The FBI highlighted that the hacker group is known for using social engineering techniques, such as impersonating employees or contractors to deceive IT help desks.
"These techniques frequently involve methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts. They target large corporations and their third-party IT providers, which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk," the FBI said in a statement on X. "Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware. The FBI is actively working with aviation and industry partners to address this activity and assist victims."
Scattered Spider is a group of English speakers, also sometimes known as Øktapus, operating under a Russia-based operation called ALPHV or BlackCat.
The cybercriminal group is linked to the 2023 cyberattack on MGM Resorts, which prompted a 10-day computer shutdown for the casino giant. At the time, it was widely reported that MGM paid $15 million of the $30 million ransomware sought by the group.
The warning comes just days after Aflac identified suspicious activity on its U.S. network. The company said that potentially impacted files contain claims information, health information, Social Security numbers, and other personal data related to customers, beneficiaries, employees, agents, and other individuals in its U.S. business.
Cyberattacks against companies have been rampant for years, but a string of attacks on retail companies has raised awareness of the issue, as the breaches can impact customers.
A security breach detected by Victoria's Secret last month led the popular lingerie seller to shut down its U.S. shopping site for nearly four days, as well as to halt some in-store services. Victoria's Secret later disclosed that its corporate systems were also affected, causing the company to delay the release of its first-quarter earnings.
The Associated Press contributed to this report.
