- Scattered Spider is no longer targeting retailers, Google claims
- “Multiple” intrusions have been spotted in the US
- Insurance companies now seem to be in the crosshairs
The notorious Scattered Spider cybercrime gang is apparently stepping away from attacking high-end retailers and has begun targeting insurance organizations in the US, experts have claimed.
Google Threat Intelligence Group (GTIG) cybersecurity researchers claim to have seen multiple attacks, and are now urging organizations to be on the lookout for potential threats.
“Google Threat Intelligence Group is now aware of multiple intrusions in the US which bear all the hallmarks of Scattered Spider activity. We are now seeing incidents in the insurance industry,” chief GTIG analyst John Hultquist said in an email shared with TechRadar Pro.
DragonForce
Scattered Spider is a “loosely knit” cybercriminal organization operating within a larger hacking community known as “the Com,” known for targeting one industry at the time.
It recently targeted high-end retailers, mostly in the UK, including Harrods, M&S and the Co-op, and has also engaged with US companies, going for social engineering, SIM-swapping, and ransomware.
“Given this actor’s history of focusing on a sector at a time, the insurance industry should be on high alert, especially for social engineering schemes, which target their help desks and call centers,” Hultquist stressed.
Although Google did not discuss who the victims are, The Register says two US-based companies recently reported suffering a cyberattack: Erie Insurance, and Philadelphia Insurance Company. Neither confirmed the incidents were the work of Scattered Spider, but the news aligned suspiciously well.
The publication also says the crooks usually start their attacks with fake helpdesk calls, after which they trick the victims into granting access to their devices, which is later used to deploy the DragonForce ransomware encryptor.
There are multiple ways to defend against ransomware attacks, but the best one is to raise employee awareness about phishing and social engineering, since most attacks abuse people, rather than systems.
Via The Register
You might also like
- This wiper malware takes data destruction to a whole new level
- Take a look at our guide to the best authenticator app
- We’ve rounded up the best password managers