Tech Firms Warn 'Scattered Spider' Hacks Are Targeting Aviation Sector (reuters.com) 2
Tech companies Google and Palo Alto Networks are sounding the alarm over the "Scattered Spider" hacking group's interest in the aviation sector. From a report: In a statement posted on LinkedIn, Sam Rubin, an executive at Palo Alto's cybersecurity-focused Unit 42, said his company had "observed Muddled Libra (also known as Scattered Spider) targeting the aviation industry."
In a similar statement, Charles Carmakal, an executive with Alphabet-owned Google's cybersecurity-focused Mandiant unit, said his company was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider." Axios adds: The group of mostly Western, English-speaking hackers has been on a months-long spree that's prompted operational disruptions at grocery suppliers, major retail storefronts and insurance companies in the U.S. and U.K.
Hawaiian Airlines said Thursday it's addressing a "cybersecurity incident" that affected some of its IT systems. Canadian airline WestJet faced a similar incident last week that caused outages for some of its systems and mobile app. A source familiar with the incidents told Axios that Scattered Spider was likely behind the WestJet incident.
In a similar statement, Charles Carmakal, an executive with Alphabet-owned Google's cybersecurity-focused Mandiant unit, said his company was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider." Axios adds: The group of mostly Western, English-speaking hackers has been on a months-long spree that's prompted operational disruptions at grocery suppliers, major retail storefronts and insurance companies in the U.S. and U.K.
Hawaiian Airlines said Thursday it's addressing a "cybersecurity incident" that affected some of its IT systems. Canadian airline WestJet faced a similar incident last week that caused outages for some of its systems and mobile app. A source familiar with the incidents told Axios that Scattered Spider was likely behind the WestJet incident.
Stupid Palo Alto (Score:1)
Everyone got on board with standardized naming [slashdot.org] for APTs but Palo Alto decided they were too cool for that. As a result, you can call this APT, "Muddled Libra", "UNC3944", or "Scattered Spider".
Assholes.
Every 10-15 years (Score:2)
Every 10-15 years there appears to be a wave of specific attack vectors, which first get exploited by professionals on a small scale, and then eventually ravage larger sectors of the IT industry, typically caused by anarchistic teenagers. We remember the wave of buffer overflow exploits leading to massive pwnage 20-30 years ago. We lived through Anonymous and LulzSec tearing apart gazillions of sites with SQLMap.
Current target seems to be not so much shoddy software, but unmotivated and underpaid help desks