A small number of key individuals are organising the activities of the group known as Scattered Spider, according to researchers at security firms. If it's true, there is hope that targeted approaches might bring some respite from the group's carnage.
Scattered Spider is responsible for a number of significant, high-impact hacks that have left many victim organisations struggling to recover, sometimes for months. The group first achieved notoriety in 2023 for the hacks of Caesars Entertainment and MGM Resorts International. Since May this year the group is believed to have struck retailers in the UK and the US, insurance companies, and then airlines in quick succession. Overall, it's responsible for the compromise of hundreds of companies since 2022. It is financial cybercrime's apex predator.
Its cybercrime activity is characterised by the use of highly effective social engineering to gain initial access to victims. This is followed up by brutally efficient post-compromise activities to steal data, deploy ransomware and cause mayhem in double-quick time.