FBI Warning Issued As 2FA Bypass Attacks Surge — Act Now
The FBI issues Scattered Spider attack warning.
When the Federal Bureau of Investigation issues a cybersecurity alert, you would be well advised to pay attention and take action. Whether that's involving malicious SMS messages, AI-powered phishing attacks, or, as I recently reported, the skyrocketing number of ransomware threats. And ransomware is the subject of this latest, critical, warning from the FBI. This time involving the Scattered Spider threat group which has made headlines after taking responsibility for multiple retail sector attacks including that against Marks & Spencer in the U.K. which is estimated to have cost the high street chain at least $600 million. Now the group is targeting the airline industry, the FBI has warned, both directly and through the entire supply chain. Here's what you need to know.
FBI Confirms Scattered Spider Attacks Targeting Transportation
A June 26 report from ransomware analysts at Halcyon warned that there were 'indications that Scattered Spider is also now targeting the Food, Manufacturing, and Transportation (particularly Aviation) sectors in the US.' This has now been confirmed by the FBI which provided a statement to me by email that said: 'The FBI has recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector.'
The statement continued to confirm that the ransomware group is using the same methods during this surge of attacks into new sectors, namely 'social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access.'
Specifically, Scattered Spider looks to bypass mutli-factor authentication, commonly referred to as MFA or 2FA, by using various methods to get those help desks to 'add unauthorized MFA devices to compromised accounts.'
Scattered Spider has been on the FBI radar for a number of years, with a joint cybersecurity advisory alongside the Cybersecurity and Infrastructure Security Agency published in 2023 in response to what it described as 'activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors.'
The FBI told me that it is currently actively working with aviation and industry partners 'to address this activity and assist victims,' and urged anyone who thinks their organization may have been targeted to contact their local FBI office. In the meantime, beware of anyone asking for unauthorized 2FA devices to be added to accounts and follow established security processes and procedures to the letter, no matter what the person making the request may say.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Washington Post
17 minutes ago
- Washington Post
Nations are meeting to drum up trillions to combat poverty — but the US isn't going
UNITED NATIONS — Many of the world's nations are gathering starting Monday in Spain for a high-level conference to tackle the growing gap between rich and poor nations and try to drum up trillions of dollars needed to close it. The United States, previously a major contributor, pulled its participation, so finding funding will be tough.
Yahoo
18 minutes ago
- Yahoo
Two People Killed In 'Major' U.S. Highway Racing Accident
Two People Killed In 'Major' U.S. Highway Racing Accident originally appeared on The Spun. Two people are dead following a "major" U.S. highway street racing accident on Sunday. The crash happened on the Pennsylvania Turnpike in Montgomery County on Sunday. Two cars were reportedly racing at high speeds when they crashed. The two cars reportedly lost control and crashed near the Pennsylvania turnpike ramp to I-276 in Upper Moreland Township. Officials announced that the two people who died were the ones driving the cars that authorities believed were racing. From the report: The two killed were the drivers of the two cars racing, officials said. Two other people in a third vehicle were injured after crashing into one of the crashed vehicles, officials said. They both were treated for minor injuries. According to officials, a crash that happened around 3:30 a.m., and led to the closure of the eastbound lanes of the turnpike from the mid-county interchange to Bensalem. An investigation into the crash is underway. Our thoughts are with the friends and family members of the victims on Sunday. Two People Killed In 'Major' U.S. Highway Racing Accident first appeared on The Spun on Jun 29, 2025 This story was originally reported by The Spun on Jun 29, 2025, where it first appeared.
Yahoo
18 minutes ago
- Yahoo
Tanzanian students go on tour of Cumbria police station
Tanzanian students were invited for a tour of Whitehaven Police Station, as part of a link programme, which took place on June 26. Cumbria Rungwe Community Link students and leaders along with their Cumbrian hosts were treated to a tour of the old custody cell block. They could look around police vehicles and also had the opportunity to take their own fingerprints. The students got to look in jail cells (Image: Copeland Police) Copeland Police said: "hank you also to dog handler PC Thomas who attended with his police dogs Luna and Toby, to meet the group and give a little demonstration of their search skills. "We enjoyed meeting the group and discussing the various differences between policing in the UK compared to Tanzania. "This is a great initiative that we have supported over previous years and look forward to future visits."
