FBI and Cybersecurity Firms Warn of Increasing Threat to Airlines and Transportation Sector

The Federal Bureau of Investigation (FBI) and cybersecurity firms have issued a warning that a prolific hacking group known as Scattered Spider is now targeting airlines and the transportation sector. In a statement shared with TechCrunch, the FBI revealed that it had recently observed cyberattacks resembling Scattered Spider to include the airline sector.

Executives from Google's cybersecurity unit, Mandiant, and Palo Alto Networks' security research division, Unit 42, also confirmed that they have witnessed Scattered Spider cyberattacks targeting the aviation industry. This collective of mostly English-speaking hackers, typically teenagers and young adults, is financially motivated to steal and extort sensitive data from company networks.

The hackers are known for their deception tactics, which often rely on social engineering, phishing, and sometimes threats of violence toward company help desks and call centers to gain access to their networks. Additionally, they have been known to deploy ransomware. The FBI's statement noted that the hackers may target large corporations and their third-party IT providers, putting "anyone in the airline ecosystem, including trusted vendors and contractors, at risk."

This fresh wave of Scattered Spider attacks comes soon after the cybercriminal gang targeted the U.K. retail sector and the insurance industry. The hackers have previously broken into hotel chains, casinos, and technology giants. The warning is especially concerning given that at least two airlines have reported intrusions this month.

Hawaiian Airlines stated that it was working to secure its systems following a cyberattack, while Canada's second-largest airline, WestJet, reported a cyberattack on June 13 that remains ongoing and unresolved. Media reports have linked the WestJet incident to Scattered Spider. The FBI has updated its statement with additional information, highlighting the growing threat posed by this hacking group.

The increasing sophistication of these attacks highlights the need for robust cybersecurity measures in the airline industry and beyond. As the number of cyberattacks targeting airlines continues to rise, it is essential that companies prioritize their security and implement effective countermeasures to protect themselves against such threats.