
The M&S ‘Scattered Spider' hackers are coming for your holidays
This week it emerged that the secretive 'Scattered Spider' group who attacked M&S and Co-op are targeting the aviation industry.
Charles Carmakal, an executive at Google's cybersecurity unit, said that his firm was 'aware of multiple incidents in the airline and transportation sector which resemble the operations [of] Scattered Spider.'
Sam Rubin, of Palo Alto Networks, said his company had 'observed Muddled Libra (also known as Scattered Spider) targeting the aviation industry.'
While neither Rubin nor Carmakal specified which airlines have been targeted, Hawaiian Airlines and WestJet have recently suffered cyber attacks. WestJet said the incident affected 'some services and software systems' including its app, but neither airline suffered operational disruption due to the breach.
The issue is not isolated to North America. On Monday June 30, Qantas suffered a major cyber attack, reportedly compromising the personal data of up to six million customers.
A spokesperson for the UK Civil Aviation Authority (CAA) told The Telegraph: 'We are aware of rumoured activity. We are in contact with the National Cyber Security Centre and have warned our industry contacts about this group and the techniques they use.'
One of the things that the CAA would have told their industry contacts is that when Scattered Spider targets an industry, the attack tends to be sustained and relentless for a period. If aviation is next in line, how could a hack play out, and what can you do to protect your holiday?
Worrying potential
There are a few different avenues for the hackers. One would be to target airlines' corporate infrastructure. In 2018, 380,000 British Airways customers had their credit card details stolen in a major data breach. Bookings made in a two-week window had been infiltrated in a 'very sophisticated, malicious criminal' attack, according to the airline's former CEO Alex Cruz. The airline was later fined £20m for the security breach.
A second scenario is that ground systems could be targeted. In 2015, Poland's flag carrier LOT cancelled 10 flights after hackers infiltrated the computer systems that issued flight plans from Warsaw's Chopin Airport. But the scale could be much bigger than this. In 2023, the US Federal Aviation Administration's 'Notice to Airmen' (NOTAM) system suffered a three-hour outage.
The result was that all flights across the US were grounded for the first time since 9/11, leaving 11,000 aircraft stuck on tarmac across the country. While this was a hardware issue, not a malicious hack, it highlights the potential impact of a sudden IT meltdown.
The third, and perhaps most worrying scenario, is that in-flight systems could be infiltrated. Earlier this year, several aircraft coming into land at Ronald Reagan National Airport in Washington DC received false mid-air collision warnings, even though there were no other planes in the area.
The pilots receiving the alerts disconnected autopilot and climbed rapidly. It is unknown whether this was caused by the deliberate, malicious 'spoofing' of airline systems, or if it was due to an error or another cause. Regardless, it is an example of how hackers could potentially enter the cockpit in the future, putting pilots into compromised scenarios.
This week's Qantas data breach suggests hackers are already targeting the databases of airlines. But given the nature of Scattered Spider's previous high-profile, high-impact attacks, scenarios two or three should not be ruled out.
'Hacking groups thrive on attention, and with families about to start jetting off on their summer holidays, the potential to attack and extort an airline is irresistible,' says Matt Saunders of Adaptavist, a tech consultancy which works with major airlines.
'The good news is that a potential hacking attempt should not cause safety issues for passengers, as any safety-critical IT systems will already have a manual backup option which maintains the highest safety standards in the event of an unwelcome intrusion,' he added.
How to hack-proof your holiday
There are steps that we, the passenger, can take to protect ourselves from cyber attacks. Paying for your holiday with a credit card is preferable; if somebody makes unauthorised payments on your card you will be protected by the Consumer Credit Act, meaning the process of reclaiming your lost funds will be more straightforward.
Regularly changing the password for your online account with an airline's website or app will also help to protect it from the rising issue of air-mile theft. And, as always, avoid booking tickets on public Wi-Fi networks which might not be encrypted, potentially putting your data at risk.
When it comes to the larger scale hacking incidents, we can only rely on the strength of airline security systems – which are, by all accounts, becoming more powerful. In 2024 alone, the aviation industry spent $37bn (£27bn) on IT systems, and airports spent $9bn (£6.5bn). Around half of airlines and three quarters of airports are in the process of safeguarding data and upgrading IT systems.
'Defending against these risks requires more than perimeter controls – it demands continuous workforce education, Zero Trust principles, phish-resistant multi-factor authentication and identity verification that can't be socially engineered,' stresses Jordan Avnaim of identity security company, Entrust.
Recent cyber attacks on Hawaiian, WestJet and Qantas did not affect flight operations, which should give us hope. Nevertheless, the fact that the shelves in some M&S stores were empty for six weeks and its online orders were suspended – to the sum of £300m – shows why airports, airlines and passengers should remain on high alert.
Hashtags

Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles


Telegraph
36 minutes ago
- Telegraph
Cash Isa bickering masks the real crisis for savers
The debate about whether Rachel Reeves should or should not limit the amount that people can save into a cash Isa has been heated. A good argument can be made that too much money has sat in low-yielding cash accounts that could be working harder in the stock market. But many people still feel, with some justification, that this is just another raid on prudent people trying to do the right thing. The problem with this debate is that most people expressing an opinion have a dog in the race. The Chancellor says she wants people to earn more on their savings – of course she does. But she also has her eye on £300bn of idle cash that would provide a useful boost to the growth promise on which she was elected if it were redirected towards UK-listed companies. That cash would also raise a useful amount of fresh revenue if, as is more likely, it simply moves from a tax-free cash account to a taxable one. You may not be surprised to learn that banks and building societies view that same money as a funding source for the mortgages and other loans they offer. They, therefore, make the case for precautionary saving, and they highlight the danger of putting money to work in the market that you might need soon to pay for a wedding, school fees or a house move. It is no surprise that their counterparts in the asset management and investment platform industry (full disclosure: that's me) prefer to focus on the historical outperformance of stock market investments over cash. We warn that holding too much cash for too long poses a different kind of threat to your financial security. We are all right, of course. There is a place for both cash and investments in our financial lives. The bigger problem is that most people don't understand financial risk. So they don't know how much importance to attach to the arguments on either side of this debate. Or what the right balance of cash and shares should be for them. Reeves highlights one risk of holding too much cash. Doing so usually means you are paying too high a price for certainty. You prefer a return of your money to a return on it. Which is reasonable for some of your savings, but not for all of them. Everyone should set aside a cash buffer before they start to think about investing in the stock market. But once they have done that, there is no reason to park any more in cash. How big that cushion should be is harder to say – it will vary according to your age, your ability to find new work if you lose your job and many other factors. Most people don't know how much cash they should sensibly hold. Consequently, some will hold too little and others far too much. But there is a long list of other risks over which they don't have a good grasp either. And, until they do, tweaking contribution limits may make less of a difference than the Chancellor hopes. You can lead a horse to water, as they say. There are a few things we, as an industry, have not done a great job of explaining. The first is the difference between volatility and risk. Volatility is the natural ups and downs of the market. This is only ever a risk if we sell our investments in response to a fall in their value and crystallise the loss. The stock market fell 20pc between February and April. But unless you sold at the bottom, you won't care now because it quickly recovered. Another point of the cash buffer is to prevent the next risk – being a forced seller. You should always have enough cash in the bank to be able to ignore short-term market volatility. Or to actively desire it as a chance to buy assets at a discount to their real value. Holding that cash is a first step towards avoiding another poorly understood risk: putting our eggs in too few baskets. One of the reasons I have been able to shrug off the market's change of heart on US assets this year is that America is only a part of my portfolio. Yes, there have been times in the past 10 years when I wished it was a bigger part than it was, but broad diversification has felt like a pretty good strategy in the first half of 2025. The biggest risk for most people when it comes to investing (or saving, come to that) is to put it off. I often tell a story about twin sisters, one who starts saving young and one who for too long finds other things to spend her money on. The prudent sister gets to a point in mid-life when she has so much capital that further saving is largely pointless. The other, meanwhile, can never catch up, no matter how long she keeps putting money aside. The point rightly made by the pro-investment lobby is that achieving the first sister's happy state is really only possible by tapping into the stock market's superior returns. The final risk that very few people properly understand is the ravage of inflation. Even those of us who think about how much we might need to fund our retirement fall into the trap of thinking about this in today's money. What we need to understand is that even at the Bank of England's 2pc target for inflation, the pot we manage to accumulate will buy us half as much in 36 years' time as it does today. At 3pc inflation, our purchasing power will halve in just 24 years. This is the strongest argument for shares over cash, which in the long run tends only to match, not beat, inflation. So while I support the Chancellor's desire to get people more focused on their investment returns than the return of their investments, this is just the start of it. Informing people how to save and invest sensibly is more important than bickering over whether they should do so via cash or the stock market.


Daily Mail
37 minutes ago
- Daily Mail
Tragedy as body of teenage boy is pulled from river after 'entering with pals' as heatwave continues
The body of a teenage boy has been pulled from a river after he reportedly entered the water with friends. Police rushed to Beccles Quay, off Fenn Lann in Suffolk, after the teenager failed to resurface from the River Waveney just before 7.30pm last night. A huge multi-agency search was launch involving police, paramedics and the fire service. But sadly the boy's body was found and pulled from the water, police said just before 11pm last night. The death is not being treated as suspicious and a file with be prepared for the coroner in due course. The teenage boy's family has been notified, Suffolk Police have said. A spokesperson for the force said: 'Officers were called to Beccles Quay, off Fen Lane, just before 7:30pm, following concerns for the safety of a teenage boy who had entered the river with friends but had not resurfaced. 'A multi-agency operation was launched, with police, Suffolk Fire & Rescue, East of England Ambulance Service, air ambulance crew and HM Coastguard all in attendance to the incident. 'Searches were conducted and sadly the body of a teenage boy has now been located and recovered from the water. 'The death is not being treated as suspicious and a file with be prepared for the coroner in due course. 'The boy's next of kin have been notified.'


BreakingNews.ie
44 minutes ago
- BreakingNews.ie
Police investigate Bob Vylan over ‘death to IDF' call at gig before Glastonbury
Punk duo Bob Vylan are being investigated by police after allegedly calling for 'death to every single IDF soldier out there' at a concert one month before Glastonbury. The pair are already being investigated by Avon and Somerset Police over their appearance at Worthy Farm when rapper Bobby Vylan led crowds in chants of 'death, death to the IDF (Israel Defence Forces)' during their livestreamed performance at the Somerset music festival last weekend. Advertisement In video footage, Bobby Vylan, whose real name is reportedly Pascal Robinson-Foster, 34, appears to be at Alexandra Palace telling crowds: 'Death to every single IDF soldier out there as an agent of terror for Israel. Death to the IDF.' The pair had supported Iggy Pop at the London venue on his tour on May 28, a month before Glastonbury. Bob Vylan performed on the West Holts Stage at Glastonbury. Photo: Yui Mok/PA. A Met Police spokesperson said on Wednesday: 'Officers are investigating comments allegedly made during a concert at Alexandra Palace earlier this year. 'The decision to investigate follows the emergence of footage which appears to have been filmed at the venue on 28 May 2025.' Advertisement It is not clear when the investigation was launched. The probe comes after it was revealed Bob Vylan will no longer play Radar festival in Manchester. The duo were due to headline the Saturday slot but no longer appear in the line-up. A statement posted on Radar festival's Instagram account said: 'Bob Vylan will not be appearing at Radar festival this weekend.' Advertisement It has since updated its website, changing the Saturday slot to 'Headliner TBA' (to be announced). In response, the group shared the festival's statement on their Instagram story, adding the caption: 'Silence is not an option. We will be fine, the people of Palestine are hurting. Manchester we will be back.' View this post on Instagram A post shared by Bob Vylan (@bobbyvylan) The rap group had issued a statement on Tuesday claiming they were being 'targeted for speaking up' after Avon and Somerset police began its investigation. The BBC has also faced criticism for livestreaming the set and has since apologised, describing the chants as 'antisemitic sentiments' that were 'unacceptable'. Advertisement It later emerged BBC director-general Tim Davie was at Glastonbury while the performance was being livestreamed. A BBC spokesperson said: 'The director-general was informed of the incident after the performance and at that point he was clear it should not feature in any other Glastonbury coverage.' On Monday, the group were banned from entering the US, ahead of their tour, with deputy secretary of state Christopher Landau revoking the duo's visas for their 'hateful tirade at Glastonbury'. They have also been pulled from their upcoming performance at a German music venue. Advertisement Bob Vylan are expected to perform at the Boardmasters surfing and music festival in Newquay, Cornwall, in August.