Google Warns US Retailers of Emerging Threat from UK Hackers

Google has issued a warning to US retailers, citing evidence that hackers responsible for disrupting online operations at several British companies are now targeting similar businesses in the United States. The threat comes as Alphabet's Google said it had identified a group of hackers connected to "Scattered Spider", a nickname given to a loosely interconnected network of hackers of varying levels of sophistication.

"US retailers should take note," said John Hultquist, an analyst at Google's cybersecurity arm, in an email sent on Wednesday (May 14). "These actors are aggressive, creative, and particularly effective at circumventing mature security programs." The Scattered Spider-connected group has a history of focusing on a single sector at a time and is likely to target retail for a while longer, Hultquist added.

Scattered Spider is widely reported to have been behind the highly disruptive hack at M&S, one of the best known British businesses, whose online operations have been frozen since April 25. The group has also been linked to several other high-profile hacks on both sides of the Atlantic.

In 2023, hackers tied to Scattered Spider made headlines for hacking casino operators MGM Resorts International and Caesars Entertainment. The group's modus operandi involves targeting a single sector at a time, with retail remaining a likely target for an extended period, according to Hultquist.

Law enforcement has struggled to get a handle on hackers tied to Scattered Spider, in part because of the group's amorphousness, the hackers' youth, and a lack of cooperation from cybercrime victims, Reuters has previously reported. The FBI and the Cybersecurity and Infrastructure Security Agency, America's civilian cyber defense body, did not immediately return a message seeking comment.

Christian Beckner, a vice president with the National Retail Federation, said his members were already alert to the risk of disruptive intrusions from Scattered Spider-linked groups. "We've been closely tracking everything going on in the UK over the past few weeks," he said. "There aren't geographic boundaries on these threats."

"US retailers should take note," said John Hultquist, an analyst at Google's cybersecurity arm, in an email sent on Wednesday (May 14). "These actors are aggressive, creative, and particularly effective at circumventing mature security programs." The Scattered Spider-connected group has a history of focusing on a single sector at a time and is likely to target retail for a while longer, Hultquist added.

The warning from Google highlights the growing threat of cyberattacks in the retail sector. As more businesses move online, they are becoming increasingly vulnerable to hacking attempts. The use of advanced security measures can help protect against such threats, but retailers must remain vigilant and proactive in their efforts to prevent cyberattacks.