A notorious hacker group is now targeting the aviation industry, the FBI says
Scattered Spider, a cybercriminal group, is targeting the aviation industry in the US and Canada.
The FBI said the hackers are deceiving IT help desks into granting them access to data.
Anyone part of the "airline ecosystem" could be at risk, the FBI said.
Even IT pros are susceptible to hackers these days.
According to an FBI warning, a notorious cybercriminal group known as Scattered Spider is deceiving IT help desks into targeting the US airline industry.
Scattered Spider gained attention in 2023 for hacking both MGM Resorts and Caesars Entertainment within a week of each other.
"These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access," the FBI said on X. "These techniques frequently involve methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts."
The FBI said the group is focused on large corporations and their third-party IT providers, so "anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk."
"Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware," the agency said.
The FBI did not indicate that the actions affect airline safety.
Charles Carmakal, the chief technology officer at Google's Mandiant, a cybersecurity firm and subsidiary of Google Cloud, said on LinkedIn that the firm was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider."
"We recommend that the industry immediately take steps to tighten up their help desk identity verification processes prior to adding new phone numbers to employee/contractor accounts (which can be used by the threat actor to perform self-service password resets), reset passwords, add devices to MFA solutions, or provide employee information (e.g. employee IDs) that could be used for a subsequent social engineering attacks," he said.
Unit 42, a cybersecurity threat research team that is part of the larger Palo Alto Networks cybersecurity corporation, said it also observed Scattered Spider targeting the aviation industry.
"Organizations should be on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests," Sam Rubin, senior vice president of consulting and threat intelligence for Unit 42, said on LinkedIn on Friday.
Canada's WestJet announced earlier this month that it had uncovered a "cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users." A spokesperson told Business Insider the company has made "significant progress" regarding the matter, and investigations were ongoing.
Hawaiian Airlines also said on Thursday that it experienced a "cybersecurity event" that affected some of its IT systems.
"We continue to safely operate our full flight schedule, and guest travel is not impacted," the company said in a press release.
Neither airline provided details about who or what caused the cybersecurity incidents. A Southwest Airlines spokesperson said that its systems had not been compromised.
Read the original article on Business Insider
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
31 minutes ago
- Yahoo
Authorities saw open Bitcoin ATM to recover scammed money — almost $32,000 seized from machine
When you buy through links on our articles, Future and its syndication partners may earn a commission. The Sheriff in Jasper County, Texas, located a little over 100 miles northeast of Houston, used a circular saw to break into a Bitcoin ATM after determining it was used for fraud. According to a Facebook post from the Sheriff's office, a county constituent was defrauded of $25,000 on a crypto scam, which they deposited into the machine. After securing the necessary warrants, the investigators broke open the Bitcoin ATM and seized $31,900 found inside it. Many elderly Americans are being targeted by online scammers. Fraudsters primarily use cash gift cards to circumvent the protections many financial institutions have in place to prevent activities like these. However, the advent of crypto ATMs, like the Bitcoin Depot ATM used in this incident, has made it cheaper and easier for perpetrators to access their stolen funds. The decentralized and anonymized nature of cryptocurrency has made it more difficult for the authorities to trace these transactions, and its global availability means that cross-border transactions do not require identification. According to the FBI, elderly Americans lost $107 million in scams in 2024 through crypto ATMs. Unfortunately, Bitcoin Depot seems to be a victim of this scam. After all, it converts cash to Bitcoin and only acts as a money transmitter or money services business. It also claims to proactively employ robust compliance, AML, and KYC protocols. That means the company and its franchisee, if the affected machine is owned by one, are on the hook (at least for now) for the damaged ATM and the seized contents. Bitcoin Depot told Decrypt that it 'regularly collaborates with investigators to clarify when recovery may be possible' and 'such efforts typically involve the receiving wallet provider or exchange, not the kiosk itself.' They also said, 'We actively support and educate law enforcement agencies, particularly those less familiar with cryptocurrencies. Even though the authorities have already recovered the cash from the ATM, it doesn't mean the victim will get their money back. They must first go through legal means so that the authorities can issue an order to seize the stolen funds. From there, their only hope is that the attacker made a mistake and used an exchange that cooperates with the authorities. Nevertheless, it's not impossible—for example, the U.S. Department of Justice recovered $2.3 million in Bitcoin paid as ransom in the Colonial Pipeline attack. Still, it will be a harrowing journey for the victims to reclaim their money—if they're able to recover it at all. Follow Tom's Hardware on Google News to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button.
Washington Post
34 minutes ago
- Washington Post
Live updates: Senate considering raft of amendments to Trump's massive tax and immigration bill
The Senate is set to convene Monday morning to consider a raft of amendments to President Donald Trump's massive tax and immigration package, most of them offered by Democrats and destined to fail in the Republican-led chamber. Trump has urged Congress to get the bill to his desk by July 4, which is Friday. A Senate-passed bill would require action in the House, which narrowly passed its own version of the One Big Beautiful Bill last month. The legislation would extend tax cuts passed in 2017, enact campaign promises such as no tax on tips and spend hundreds of billions of dollars on the White House's mass deportation drive and national defense priorities. To partially offset the cost, it would make steep cuts to safety-net programs. Democrats are united in opposition. Democratic groups are launching a major organizing push Monday to attack Republicans' signature bill this summer and prepare for the coming elections, an effort that will focus on voter registration and volunteer efforts to make their case to community groups not focused on politics. TORONTO — Canada said late Sunday it would rescind a new tax it planned to collect from large tech companies after President Donald Trump last week called the levy a 'blatant attack' on the United States and said he would suspend trade talks with Ottawa over it. Senate Republicans spent Sunday marshaling support for the centerpiece of President Donald Trump's second-term agenda, a sprawling tax and immigration package, working to prevent defections after a near-revolt over the weekend. The GOP is racing to push the mammoth budget proposal across Trump's desk by a self-imposed July 4 deadline, but fissures remain within the party over the cuts to social benefit and anti-poverty programs and the bill's growing price tag. Republican Sen. Thom Tillis said Sunday that he will not seek reelection next year, less than 24 hours after President Donald Trump threatened him with a primary challenge for opposing Trump's massive tax and immigration bill.
CNN
34 minutes ago
- CNN
Warren Buffett donates record $6 billion Berkshire shares
Warren Buffett donated on Friday another $6 billion of Berkshire Hathaway stock to the Gates Foundation and four family charities, his biggest annual donation since he began giving away his fortune nearly two decades ago. The donation of about 12.36 million Berkshire Class B shares boosted Buffett's overall giving to the charities to well over $60 billion. He donated 9.43 million shares to the Gates Foundation; 943,384 shares to the Susan Thompson Buffett Foundation; and 660,366 shares to each of three charities led respectively by his children Howard, Susie, and Peter: the Howard G. Buffett Foundation, Sherwood Foundation and NoVo Foundation. Warren Buffett still owns 13.8% of Berkshire's stock, based on reported shares outstanding. His $152 billion net worth prior to Friday's donations made him the world's fifth-richest person, according to Forbes magazine. Buffett would rank sixth after the donations, which surpassed the $5.3 billion he donated last June. He donated another $1.14 billion to the family charities last November. In a statement, Buffett maintained he does not intend to sell any Berkshire shares. Now 94, Buffett began giving away his fortune in 2006. He changed his will last year, designating 99.5% of his remaining fortune after his death to a charitable trust overseen by his children. They will have about a decade to distribute the money, and must decide where it goes unanimously. Susie Buffett is 71, Howard Buffett is 70, and Peter Buffett is 67. Warren Buffett has led Omaha, Nebraska-based Berkshire since 1965. The $1.05 trillion conglomerate owns close to 200 businesses including Geico car insurance and the BNSF railroad, and dozens of stocks including Apple and American Express. Susie Buffett leads the Susan Thompson Buffett Foundation, which funds reproductive health and is named for her mother, who was Warren Buffett's first wife. The Sherwood Foundation supports Nebraska nonprofits and early childhood education. The Howard G. Buffett Foundation focuses on global hunger, combating human trafficking and mitigating conflicts. The NoVo Foundation has initiatives focused on marginalized girls and women, and on indigenous communities. Buffett said last June that donations to the Gates Foundation would end when he dies.
