A notorious hacker group is now targeting the aviation industry, the FBI says
Even IT pros are susceptible to hackers these days.
According to an FBI warning, a notorious cybercriminal group known as Scattered Spider is deceiving IT help desks into targeting the US airline industry.
Scattered Spider gained attention in 2023 for hacking both MGM Resorts and Caesars Entertainment within a week of each other.
"These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access," the FBI said on X. "These techniques frequently involve methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts."
The FBI said the group is focused on large corporations and their third-party IT providers, so "anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk."
"Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware," the agency said.
The FBI did not indicate that the actions affect airline safety.
Charles Carmakal, the chief technology officer at Google's Mandiant, a cybersecurity firm and subsidiary of Google Cloud, said on LinkedIn that the firm was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider."
"We recommend that the industry immediately take steps to tighten up their help desk identity verification processes prior to adding new phone numbers to employee/contractor accounts (which can be used by the threat actor to perform self-service password resets), reset passwords, add devices to MFA solutions, or provide employee information (e.g. employee IDs) that could be used for a subsequent social engineering attacks," he said.
Unit 42, a cybersecurity threat research team that is part of the larger Palo Alto Networks cybersecurity corporation, said it also observed Scattered Spider targeting the aviation industry.
"Organizations should be on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests," Sam Rubin, senior vice president of consulting and threat intelligence for Unit 42, said on LinkedIn on Friday.
Canada's WestJet announced earlier this month that it had uncovered a "cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users." A spokesperson told Business Insider the company has made "significant progress" regarding the matter, and investigations were ongoing.
Hawaiian Airlines also said on Thursday that it experienced a "cybersecurity event" that affected some of its IT systems.
"We continue to safely operate our full flight schedule, and guest travel is not impacted," the company said in a press release.
Neither airline provided details about who or what caused the cybersecurity incidents. A Southwest Airlines spokesperson said that its systems had not been compromised.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Fox News
25 minutes ago
- Fox News
Active shooter, wildfire situation unfolding in Idaho after firefighters ambushed in deadly incident
Authorities are on the scene of an active shooter and wildfire incident in Coeur d'Alene, Idaho, where several firefighters were "attacked." During a news conference, Kootenai County Sheriff Robert Norris shared that at least two people were killed, possibly firefighters. Norris added that they are still "actively taking sniper fire" as he spoke. "We now have two deaths. We have an unknown amount of casualties," Norris said. "We still have civilians that are coming off of that mountain. We have we might have civilians that are stuck or in shock on that mountain. So this is a very, very fresh situation." "We don't know who suspect or suspects are, and we don't know how many suspects there may be," Norris said. A spokesperson for the Northern Lakes Fire Protection confirmed the situation to Fox News Digital, saying that "the active shooter situation and very active wildfire scene were related." The Kootenai County Sheriff's Office issued an alert earlier Sunday afternoon stating: "Active shooter at Canfield Mountain. Injuries have been reported, though the severity remains unknown. Please avoid the area." Officials confirmed that the firefighters were responding to a brush fire near East Nettleton Gulch Road when the shooting started. Due to the danger, fire crews had to retreat, and the brush fire continues to pose a threat. Authorities are urging residents in the vicinity to stay vigilant and exercise caution as the situation develops. FBI Deputy Director Dan Bongino said the agency was headed to the scene to provide "tactical and operational support." He called it an "active scene." Governor Brad Little reacted to the incident in a post on X. "Multiple heroic firefighters were attacked today while responding to a fire in North Idaho. This is a heinous direct assault on our brave firefighters. I ask all Idahoans to pray for them and their families as we wait to learn more. Teresa and I are heartbroken," Little wrote. "As this situation is still developing, please stay clear from the area to allow law enforcement and firefighters to do their jobs." Stepheny Price is a writer for Fox News Digital and Fox Business. She covers topics including missing persons, homicides, national crime cases, illegal immigration, and more. Story tips and ideas can be sent to
Yahoo
30 minutes ago
- Yahoo
Two people shot dead in Idaho while responding to brush fire
Two people have been fatally shot in the western US state of Idaho while responding to a brush fire, say officials. Kootenai County Sheriff's Office told ABC News that firefighters were ambushed. Residents have been asked to avoid the city of Coeur d'Alene as the suspect is still at large. FBI Deputy Director Dan Bongino said agents were responding to the scene to "provide tactical and operational support". Governor Brad Little posted on X that "multiple heroic firefighters" were attacked while responding to the fire. This breaking news story is being updated and more details will be published shortly. Please refresh the page for the fullest version. You can receive Breaking News on a smartphone or tablet via the BBC News App. You can also follow @BBCBreaking on X to get the latest alerts.
CBS News
34 minutes ago
- CBS News
Amid wave of attacks on religious facilities, Justice Department pledges action
Alan Hausman paused mid-sentence during the phone call, then said he is still dogged by "survivor's remorse." Hausman said he can clearly remember trying to drive up a road to get to the Tree of Life synagogue in Pittsburgh after he was alerted to a shooting. But the road was impassable. The memories of the aftermath are indelible. "Every time I see another attack, it's like someone picked the scab off of my wound," said Hausman, who is the president of the synagogue's board of directors. He was not attending the synagogue on the day of the October 2018 shooting spree that killed 11 people. The massacre resulted in 63 counts including hate crime charges, resulting in the conviction and a death sentence against the gunman. Hausman, who is an emergency management official in Pittsburgh, said the Tree of Life now has armed security, as do other religious institutions and organizations in the city and region. The houses of worship have installed new alarm systems, and have roving security guards in parking lots, to deter future threats, he said. The Tree of Life synagogue on the fifth anniversary of the attack on October 27, 2023 in Pittsburgh, Pennsylvania. Justin Merriman / Getty Images According to FBI data and Justice Department officials who spoke with CBS News, the Tree of Life tragedy didn't slow the targeting of religious institutions, but was an early warning of the recent wave of planned attacks. FBI crime reports reviewed by CBS News show assaults or attacks against people at churches, synagogues, temples and mosques surged nearly 100% between 2021 and 2023. In an interview with CBS News, assistant Attorney General for Civil Rights Harmeet Dhillon referenced a growing stack on her desk of criminal cases that allege the targeting of religious centers. "I think it's a form of terrorism, because attacks on churches are meant to terrorize people," Dhillon said. "And they're meant to deter people from going there. And so it makes everyone feel unsafe." On June 18, Justice Department prosecutors secured a 25-year prison term in the case of Rui Zhang of Virginia. Zhang was convicted of targeting a Haymarket, Virginia, church for an attack. Prosecutors alleged Zhang had written a manifesto, and that he was inside a Sunday service at the church with a semiautomatic handgun, two magazines of ammunition, and two knives. He allegedly had additional ammunition, knives, and a canister of bear spray in his nearby car. In April, the Justice Department also secured a conviction of an Arizona man of targeting a series of churches. According to investigators, Zimnako Saleh "traveled to four Christian churches in Arizona, California, and Colorado, wearing black backpacks. At two of those churches, Salah planted those backpacks, placing congregants in fear that they contained bombs. At the other two churches, Salah was confronted by security before he got the chance to plant those backpacks. Photos of backpacks and movements from the day of the attempted attack inside the churches were included in charging documents. Dhillon said civil rights investigators have marshalled a more focused effort to combat the targeting of houses of worship. "We want to shut that threat down by making sure that no one is feeling like churches, houses of worship, people of faith are soft targets in the United States," Dhillon said. "That is why it's a priority." The increasing wave of threats against religious centers is – at least partly – driven by emerging white nationalism or the targeting of minority groups or churches that are welcoming to LGBTQ communities, according to the Southern Poverty Law Center, a liberal-leaning nonprofit organization which focuses on civil rights issues and combating hate crimes. "About one in 10 of the attacks that we documented in the first six months of 2024 were also focused on 'welcoming' religious communities," said R.G. Cravens, an SPLC researcher. "We have seen an uptick in synagogues being targeted for similar things like vandalism, graffiti and harassment since the October 7th (attacks) in Israel," Cravens added. "And those come in a lot of forms that often do indicate the hard right white nationalist and white supremacist groups are involved." Dhillon directed CBS News to several other recent cases under investigation by the Justice Department. In February, Kevin Colantonio, 36, of Rhode Island pleaded guilty to a federal criminal charge for setting multiple fires around the exterior of a predominantly black church in North Providence. The federal criminal cases yield the possibility of lengthy prison terms. Zhang's prison term runs through the year 2050. Dhillon said the Justice Department's new leadership has an urgency in tackling these cases, pointing to hate crime charges filed against a man who allegedly used Molotov cocktails to attack peaceful marchers in Boulder, Colorado, on June 1. "We were all over it. And we filed what has been described to me as the fastest hate crime criminal complaint in recent history," Dhillon said. "It is important for the community being targeted to feel and see that the United States is taking these crimes with the utmost seriousness." The Justice Department is preparing for an August court hearing in the case of Elias Rodriguez, who is accused of targeting and murdering two Israeli embassy officials in Washington, D.C. last month. Rodriguez allegedly shot and killed the victims — a couple about to become engaged, according to Yechiel Leiter, Israel's ambassador to the U.S. — as they were leaving the museum, which is located in the heart of the U.S. capital. According to police and video from the scene, he shouted "free, free Palestine" as he was being taken into custody. Within 24 hours, the Justice Department announced that the case was being investigated as a potential hate crime. Rodriguez is being held in pretrial detention.
