The FBI has issued a warning about a group of international cyberhackers known as “Scattered Spider” targeting the airline industry. This shadowy crew, previously associated with data breaches at companies like Aflac and major retailers in the UK, is now expanding its reach to air travel.
The FBI alert highlighted the group’s use of social engineering techniques to deceive IT help desks into granting access. This has raised concerns about the security of the airline sector, as Scattered Spider targets large corporations and their third-party IT providers, putting anyone in the airline ecosystem at risk.
Led by young hackers in the US and the UK, Scattered Spider has a history of stealing data from corporations and extorting them. In a recent incident, the group was suspected of being behind a major data breach at Aflac, potentially exposing sensitive information of millions of customers.
The cybergang has also been linked to breaches at Erie Insurance, Philadelphia Insurance Companies, Marks & Spencer, and other UK retailers. In a high-profile case in 2023, Scattered Spider hacked into the networks of Caesars Entertainment and MGM Resorts International, demanding hefty ransom payments.
Federal prosecutors in Los Angeles have previously charged five members of Scattered Spider with hacking into 12 companies between 2021 and 2023. Now, the FBI is warning that the group may be turning its attention to the airline industry, using tactics like stealing sensitive data for extortion and deploying ransomware.
The agency is actively working with aviation and industry partners to address this threat and assist victims. Early reporting of any suspicious activity is crucial to prevent further compromises and share intelligence across the industry. The FBI’s alert serves as a reminder for airlines and their partners to remain vigilant against cyber threats and take proactive measures to enhance their cybersecurity defenses.
