- Spread spider is no longer targeting retailers, Google claims
- “More” intrusions have been seen in the US
- Insurance companies now appear to be at the intersection
The notorious scattered spider-cyber crime band apparently goes away from attacking advanced retailers and has begun to target the US insurance organizations, experts have claimed.
Google Threat Intelligence Group (GIRL) cybersecurity researchers claim to have seen more attacks, and are now calling on organizations to be looking for potential threats.
“Google Threat Intelligence Group is now aware of more intrusions in the United States that carry all the hallmarks of scattered spider activity. We are now seeing events in the insurance industry,” said Chief GIGTIG analyst John Hultquist in an E email shared with Techradar Pro.
Dragonforce
Scattered Spider is a “loosely knitted” cyber criminal organization operating within a larger hacking community known as “The com”, which is known for targeting an industry at that time.
It recently targeted advanced retailers, mostly in the UK, including Harrods, M&S and Co-Op, and has also engaged in US companies going to social engineering, SIM-SWAPPING and Ransomware.
“Given this actor’s history of focusing on one sector at a time, the insurance industry should be on high alarms, especially for social engineering schemes targeting their helping and call centers,” Hultquist emphasized.
Though Google did not discuss who the victims are, Registered Says two US-based companies that recently reported a cyberattack: Erie Insurance and Philadelphia Insurance Company. Neither confirmed that the events were worked with scattered spider, but the news adapted suspiciously well.
The publication also says that the villains usually start their attacks with fake Helpdesk calls, after which they fool the victims to give access to their devices, which are later used to implement Dragonforce Ransomware encryption.
There are several ways to defend against ransomware attacks, but the best is to increase the employee awareness of phishing and social engineering as most attacks abuse humans rather than systems.
Via Registered
