FBI Working Towards Nabbing Scattered Spider Hackers, Official Says (reuters.com) 13
The U.S. FBI is working towards charging hackers from the aggressive Scattered Spider criminal gang who are largely based in the U.S. and western countries and have breached dozens of American organisations, a senior official said. From a report: The young hackers grabbed headlines last year when they broke into the systems of casino-operators MGM Resorts International and Caesars Entertainment locking up the companies' systems and demanding hefty ransom payments. From health and telecom companies to financial services, they have hacked a range of organisations over two years, piling pressure on law enforcement agencies to thwart them.
"We are working towards charging individuals where we can with criminal conduct, in this case, largely around the Computer Fraud and Abuse Act," Brett Leatherman, the FBI's cyber deputy assistant director, told Reuters in an interview. The group was a rare alliance of hackers in Western countries with veteran cybercriminals from eastern Europe, he said on the sidelines of the RSA Conference in San Francisco Wednesday. "Often we don't see that mingling of geographical hackers working together outside the confines of like hacktivism, for example," he said. Security researchers have tracked Scattered Spider since at least 2022 and say the group is far more aggressive than other cybercrime gangs - skilled especially at hijacking the identities of IT helpdesk staff to penetrate into company networks. Caesars paid around $15 million to free its systems from the hackers.
"We are working towards charging individuals where we can with criminal conduct, in this case, largely around the Computer Fraud and Abuse Act," Brett Leatherman, the FBI's cyber deputy assistant director, told Reuters in an interview. The group was a rare alliance of hackers in Western countries with veteran cybercriminals from eastern Europe, he said on the sidelines of the RSA Conference in San Francisco Wednesday. "Often we don't see that mingling of geographical hackers working together outside the confines of like hacktivism, for example," he said. Security researchers have tracked Scattered Spider since at least 2022 and say the group is far more aggressive than other cybercrime gangs - skilled especially at hijacking the identities of IT helpdesk staff to penetrate into company networks. Caesars paid around $15 million to free its systems from the hackers.
Payments (Score:1)
Caesars paid around $15 million to free its systems from the hackers.
It's illegal to pay these ransom demands. I wonder how Caesar's got a pass.
Re: (Score:3)
That's not even true. It's generally legal to pay a ransom. It's just ill-advised in most cases.
Legality (Score:2)
You're right, it's not specifically written in to law as being illegal, though the treasury will possibly sue you if you do so.
https://www.darkreading.com/cy... [darkreading.com]
Re: (Score:3)
It's generally legal to pay a ransom.
Not if the money is going to a sanctioned country, e.g., Russia, which it frequently does.
If they're on-shore, different story, see D.B. Cooper, although still ill advised as all it does is encourage future attacks/demands.
Re: (Score:2)
I suspect most prosecutions would be avoided and be stillborn anyway even if they hit a court. Convincing a judge you had no idea where the bitcoin was going would be pretty simple, and it probably would never get close to a jury who would be very unwilling to convict.
Re: (Score:2)
Maybe if you're working for Mom & Pop, Inc.
It's pretty hard to believe MGM doesn't have a SecOps team and that said team wouldn't be well aware of the fact that most ransomware extortion originates in unfriendly sanctioned countries.
Congress should pass a law making such payments illegal in all circumstances, IMHO, it will remove much of the incentive to commit these crimes in the first place. They'll still happen and a few smaller outfits (e.g., Mom & Pop, Inc.) may chance paying the ransom, but
I'm sure they'll charge people (Score:2)
I'm even sure they'll get convictions. I'm not very sanguine about actually doing anything about the activity. Lots of 19 year old ne'er-do-wells in basements, who working under the guidance of experienced people from places that don't extradite are going to continue to do a lucrative business hamstringing parts of the economy.
I have an idea how to fix the problem but it's a Chinese-style solution. We'll be getting there eventually. It's just that I can see the destination now, probably 20 years in adva
Re: (Score:3)
True.
These people are just useful idiots: assets recruited and given direction and a set of tools by foreign intelligence agents. They think they are cool and special but they are just brainwashed terrorists using code instead of bombs.
Scattered Spider ? (Score:1)
Sounds like an Ubuntu release.
FBI's very poor OPSEC (Score:5, Informative)
Re: (Score:2)
Anyone with any talent is already insulated against US LE activity. They have simps to sacrifice to the gods of inevitable consequences.