Tech Firms Warn 'Scattered Spider' Hacks Are Targeting Aviation Sector (reuters.com)
(Friday June 27, 2025 @11:30PM (msmash)
from the PSA dept.)
- Reference: 0178207704
- News link: https://it.slashdot.org/story/25/06/27/2347206/tech-firms-warn-scattered-spider-hacks-are-targeting-aviation-sector
- Source link: https://www.reuters.com/business/tech-firms-warn-scattered-spider-hacks-are-targeting-aviation-sector-2025-06-27/
Tech companies Google and Palo Alto Networks are [1]sounding the alarm over the "Scattered Spider" hacking group's interest in the aviation sector. From a report:
> In a statement posted on LinkedIn, Sam Rubin, an executive at Palo Alto's cybersecurity-focused Unit 42, said his company had "observed Muddled Libra (also known as Scattered Spider) targeting the aviation industry."
>
> In a similar statement, Charles Carmakal, an executive with Alphabet-owned Google's cybersecurity-focused Mandiant unit, said his company was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider."
Axios [2]adds :
> The group of mostly Western, English-speaking hackers has been on a months-long spree that's prompted operational disruptions at grocery suppliers, major retail storefronts and insurance companies in the U.S. and U.K.
>
> Hawaiian Airlines said Thursday it's addressing a "cybersecurity incident" that affected some of its IT systems. Canadian airline WestJet faced a similar incident last week that caused outages for some of its systems and mobile app. A source familiar with the incidents told Axios that Scattered Spider was likely behind the WestJet incident.
[1] https://www.reuters.com/business/tech-firms-warn-scattered-spider-hacks-are-targeting-aviation-sector-2025-06-27/
[2] https://www.axios.com/2025/06/27/aviation-transportation-sector-cyberattacks-scattered-spider
> In a statement posted on LinkedIn, Sam Rubin, an executive at Palo Alto's cybersecurity-focused Unit 42, said his company had "observed Muddled Libra (also known as Scattered Spider) targeting the aviation industry."
>
> In a similar statement, Charles Carmakal, an executive with Alphabet-owned Google's cybersecurity-focused Mandiant unit, said his company was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider."
Axios [2]adds :
> The group of mostly Western, English-speaking hackers has been on a months-long spree that's prompted operational disruptions at grocery suppliers, major retail storefronts and insurance companies in the U.S. and U.K.
>
> Hawaiian Airlines said Thursday it's addressing a "cybersecurity incident" that affected some of its IT systems. Canadian airline WestJet faced a similar incident last week that caused outages for some of its systems and mobile app. A source familiar with the incidents told Axios that Scattered Spider was likely behind the WestJet incident.
[1] https://www.reuters.com/business/tech-firms-warn-scattered-spider-hacks-are-targeting-aviation-sector-2025-06-27/
[2] https://www.axios.com/2025/06/27/aviation-transportation-sector-cyberattacks-scattered-spider
Stupid Palo Alto (Score:2)
Everyone got on board with [1]standardized naming [slashdot.org] for APTs but Palo Alto decided they were too cool for that. As a result, you can call this APT, "Muddled Libra", "UNC3944", or "Scattered Spider".
Assholes.
[1] https://tech.slashdot.org/story/25/06/02/1922257/microsoft-google-others-team-up-to-standardize-confusing-hacker-group-nicknames