A high-profile hacker group may soon begin targeting airlines, the FBI said in a new warning.
In an alert issued on Friday, federal officials said that the cybercriminal group Scattered Spider was expanding its targets to include airlines. The FBI highlighted that the hacker group is known for using social engineering techniques, such as impersonating employees or contractors to deceive IT help desks.
“These techniques frequently involve methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts. They target large corporations and their third-party IT providers, which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk,” the FBI said in a statement on X. “Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware. The FBI is actively working with aviation and industry partners to address this activity and assist victims.”
Scattered Spider is a group of English speakers, also sometimes known as Øktapus, operating under a Russia-based operation called ALPHV or BlackCat.
The cybercriminal group is linked to the 2023 cyberattack on MGM Resorts, which prompted a 10-day computer shutdown for the casino giant. At the time, it was widely reported that MGM paid $15 million of the $30 million ransomware sought by the group.