How does the criminal organization responsible for recent major security breaches work?
The cybercrime group Scattered Spider, responsible for last year's series of hacks on American hotels, has about 1,000 members, a senior FBI official said last Friday, May 24.
At the recent conference, Brian Vorndran, assistant director of the FBI's cyber division, described Scattered Spider as "a very large and disparate group" with most of the participants unfamiliar with each other.
According to the agency, Scattered Spider originated from the online community "the Com" and is also known as "0ktapus" or UNC3944. Vorndran also said that now Scattered Spider is one of the top three global cyber threats along with foreign intelligence agencies.
Most of the members of the group are young people from the United States and Great Britain. The group specializes in social engineering, including breaking into privileged networks through support services.
After breaking into the network, Scattered Spider demonstrates high efficiency in moving around systems and extracting data, sometimes collaborating with extortion groups.
The attack on MGM Resorts and Caesars Entertainment last year, which led to disruptions to casinos and hotels in Las Vegas, significantly strengthened the status of Scattered Spider in the cybercrime community.
It is noteworthy that members of Scattered Spider actively form various small groups within their large community, which sometimes cooperate or even compete with each other. Some groups even specialize in harsh methods, including assaults and threats, to force victims to pay ransoms.
The FBI has been criticized for its lack of notable success in arresting members of Scattered Spider, but agency officials say that they simply do not publicly disclose all their actions, and the work is actually underway, and very active.
Researchers call for the same amount of attention and resources to be devoted to cybercrime as it is directed to combating state cyber threats. According to Selena Larson of Proofpoint, "ordinary organizations are more susceptible to cybercrime than to attacks from governments."
The cybercrime group Scattered Spider, responsible for last year's series of hacks on American hotels, has about 1,000 members, a senior FBI official said last Friday, May 24.
At the recent conference, Brian Vorndran, assistant director of the FBI's cyber division, described Scattered Spider as "a very large and disparate group" with most of the participants unfamiliar with each other.
According to the agency, Scattered Spider originated from the online community "the Com" and is also known as "0ktapus" or UNC3944. Vorndran also said that now Scattered Spider is one of the top three global cyber threats along with foreign intelligence agencies.
Most of the members of the group are young people from the United States and Great Britain. The group specializes in social engineering, including breaking into privileged networks through support services.
After breaking into the network, Scattered Spider demonstrates high efficiency in moving around systems and extracting data, sometimes collaborating with extortion groups.
The attack on MGM Resorts and Caesars Entertainment last year, which led to disruptions to casinos and hotels in Las Vegas, significantly strengthened the status of Scattered Spider in the cybercrime community.
It is noteworthy that members of Scattered Spider actively form various small groups within their large community, which sometimes cooperate or even compete with each other. Some groups even specialize in harsh methods, including assaults and threats, to force victims to pay ransoms.
The FBI has been criticized for its lack of notable success in arresting members of Scattered Spider, but agency officials say that they simply do not publicly disclose all their actions, and the work is actually underway, and very active.
Researchers call for the same amount of attention and resources to be devoted to cybercrime as it is directed to combating state cyber threats. According to Selena Larson of Proofpoint, "ordinary organizations are more susceptible to cybercrime than to attacks from governments."
