Airlines are the target of Scattered Spider, the group of cybercriminals who carried out extensive ransomware operations against MGM Resorts International and Caesars Entertainment in 2023.
According to a new FBI advisory, Scattered Spider has been increasingly active targeting airlines, where the thieves use social engineering techniques to trick staff members into giving them access to private information. An increasingly prevalent type of cybercrime that affects a wide range of industries and their clients is social engineering.
"These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access. These techniques frequently involve methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts,” according to the FBI.
In order to "address this activity and assist victims," the law enforcement agency further stated that it is collaborating with airlines and associated companies. Additionally, the bureau urged businesses to get in touch with law authorities right once if they suspect they have been the target of cyber breaches.
With the purported airline attacks, Scattered Spider seems to be following a similar strategy to that employed against Caesars and MGM in 2023: obtain sensitive data, threaten to release it to the impacted companies, and then hope the companies will pay rather than face the inconveniences of having their customer data listed for sale on the dark web.
In 2023, Caesars and MGM were indeed extorted by the hackers. Caesars reportedly settled the dispute by paying Scattered Spider $15 million. Due to MGM's lack of cooperation, its technology systems throughout its portfolio of domestic casinos were crippled for several days.
Financial repercussions, such as a $100 million impact to MGM's 2023 third-quarter earnings and $10 million in one-time costs, added to those problems. Because payments encourage the criminals to penetrate additional businesses, the FBI advises victims of ransomware to refuse to cooperate with the culprits.
Although Canadian airlines WestJet and Hawaiian Airlines were recently the targets of cyberattacks, and Delta Airlines requested that its passengers reset their passwords and other credentials, airlines have not directly named Scattered Spider as perpetrating crimes against them.
Similar to casino operators, airlines deal with a great deal of extremely sensitive consumer data, such as names, addresses, and phone numbers on official documents like passports and driver's licenses.
That is precisely the kind of information that criminal organizations like Scattered Spider seek to obtain since businesses risk serious harm to their reputations if they fail to prevent cyberattacks and permit the disclosure of client data. According to some analysts, if Scattered Spider is indeed affecting airlines, the bad actors are simply going about their business as usual.
“Scattered Spider is a cybercriminal group that targets large companies and their contracted information technology (IT) help desks. Scattered Spider threat actors, per trusted third parties, have typically engaged in data theft for extortion and have also been known to utilize BlackCat/ALPHV ransomware alongside their tactics, techniques, and procedures (TTPs),” according to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).
Having reviews for everything is beneficial. Even negative reviews can benefit your business because they tell you about the player experience. A well-written review will be succinct and provide enough information to prospective players to avoid forcing them to draw incorrect conclusions about the encounter. It should be as error-free as possible and offer comments and recommendations without disparaging the company in order to ensure that it is professional.
T&Cs Apply 18+, Terms and Conditions Apply
New players only | No restrictions while playing with cash | Min. refund bonus is £10 | Wagering on bonus is 60x | Bonus based on 1st deposit lost | Max bet with bonus is £5 | Skrill and Neteller excluded |
20 Free Spins bonus is awarded on the first deposit (after registration as a new player) of minimum €/£/$10. Only one bonus per player is available. The winnings generated from the bonus will be credited to the player's real money account up to the maximum conversion Amount of €/£/$500. If within 48 hours from crediting the bonus to player's account, player did not use the bonus, the bonus will expire and player shall not be able to receive the expired bonus. Withdrawal request voids any active/pending bonuses. Excluded Skrill deposits.Full Terms apply.
Wagering: 50X. Max Cashout: 10X. Games: Slots, Keno & Scratch Cards. Redeemable: 1X. Max bet per hand: $10. Must have deposited using Bitcoin.
Terms and Conditions apply. New players only. 18+. Min deposit £20. 40x wagering applies to match up bonus. Offer valid for 1 week. 50 Spins on Starburst. 40x wagering appliest to Spins. See full terms here.
New depositing players. Min deposit £10. 18+. Wagering requirements apply 35x. 100 spins includes 3 deposit. See full terms here.
