Will the latest security recommendations help vulnerable organizations?
The US agencies of the FBI and CISA issued a joint warning about the activities of the hacker group Scattered Spider, consisting mainly of young people under 20 years of age. The group, also known by various other names including Octo Tempest, 0ktapus, Starfraud, UNC3944, Scatter Swine, and Muddled Libra, has attracted attention after attacks on major companies such as MGM Resorts and Caesars Entertainment.
Officials from the FBI did not disclose information about the presence of members of the group in the United States and the United Kingdom, as well as the number of victims who asked for help. It only mentions that the FBI is investigating Scattered Spider.
According to the agency's description, Scattered Spider is proficient in social engineering, using various tactics, including phishing, Push Bombing, and SIM Swapping. In recent months, the group has also used the AlphV/BlackCat ransomware virus in its attacks and has generally actively assisted other BlackCat affiliates.
The FBI and CISA called on affected companies to immediately report cases of compromise in order to increase the likelihood of detecting and stopping future attacks by the group.
The problem with hiding information about attacks is quite common in the United States. So, after the operation to eliminate the infrastructure of the Hive group, it turned out that only 20% of the victims reported the attack and asked for help from law enforcement agencies.
This behavior of organizations is probably due to concern for the reputation and stability of the business, because we have often heard stories about how large companies literally went bankrupt due to the abundance of lawsuits initiated after the leakage of customer data.
The report, based on FBI investigations, notes that Scattered Spider mainly attacks the commercial sector. Hackers use social engineering to obtain credentials and install remote access tools, often bypassing multi-factor authentication.
In September, Lisa Monaco, the Deputy Attorney General of the United States, expressed concern about the participation of young people in hacking activities, which are members of Scattered Spider, emphasizing the need to counter this trend.
Last year's report by Group-IB claims that the phishing campaign Scattered Spider already at that time led to the compromise of almost ten thousand accounts in more than 130 organizations, including Riot Games and Reddit, which only once again reminds of the danger of this hacker association.
To mitigate the impact of the Scattered Spider malware, the FBI and CISA recommend that organizations set up regular and reliable data backups, use forced multi-factor authentication, and implement management tools for applications used in the company.
The US agencies of the FBI and CISA issued a joint warning about the activities of the hacker group Scattered Spider, consisting mainly of young people under 20 years of age. The group, also known by various other names including Octo Tempest, 0ktapus, Starfraud, UNC3944, Scatter Swine, and Muddled Libra, has attracted attention after attacks on major companies such as MGM Resorts and Caesars Entertainment.
Officials from the FBI did not disclose information about the presence of members of the group in the United States and the United Kingdom, as well as the number of victims who asked for help. It only mentions that the FBI is investigating Scattered Spider.
According to the agency's description, Scattered Spider is proficient in social engineering, using various tactics, including phishing, Push Bombing, and SIM Swapping. In recent months, the group has also used the AlphV/BlackCat ransomware virus in its attacks and has generally actively assisted other BlackCat affiliates.
The FBI and CISA called on affected companies to immediately report cases of compromise in order to increase the likelihood of detecting and stopping future attacks by the group.
The problem with hiding information about attacks is quite common in the United States. So, after the operation to eliminate the infrastructure of the Hive group, it turned out that only 20% of the victims reported the attack and asked for help from law enforcement agencies.
This behavior of organizations is probably due to concern for the reputation and stability of the business, because we have often heard stories about how large companies literally went bankrupt due to the abundance of lawsuits initiated after the leakage of customer data.
The report, based on FBI investigations, notes that Scattered Spider mainly attacks the commercial sector. Hackers use social engineering to obtain credentials and install remote access tools, often bypassing multi-factor authentication.
In September, Lisa Monaco, the Deputy Attorney General of the United States, expressed concern about the participation of young people in hacking activities, which are members of Scattered Spider, emphasizing the need to counter this trend.
Last year's report by Group-IB claims that the phishing campaign Scattered Spider already at that time led to the compromise of almost ten thousand accounts in more than 130 organizations, including Riot Games and Reddit, which only once again reminds of the danger of this hacker association.
To mitigate the impact of the Scattered Spider malware, the FBI and CISA recommend that organizations set up regular and reliable data backups, use forced multi-factor authentication, and implement management tools for applications used in the company.
