- Spread spider may be moving its focus to the United States
- The FBI has warned the airline and the transport industry to remain vigilant
- Two airlines have already been broken in June 2025
The scattered spider -cyber criminals are now targeting US airlines and transport after moving its cross chairs from British retailers, the FBI and the security companies warn.
The group previously hit Marks & Spencer, Co-Op and Harrods, causing widespread system interruptions and empty shelves.
The FBI Counseling warns that it had “recently observed” cyberattacks that shared similarities to the aforementioned attacks, with Google’s Mandiant and Palo Alto Networks ‘Unit 42, repeating the agencies’ warning.
Scattered spider contacts
The group’s members include English -speaking young adults who are financially motivated. The group uses phishing and social techniques to access networks where they create destruction, steal data and implement ransomware. There is no organized structure for the group, where members are part of a wider organization known as “com”.
The FBI’s warning follows two cyber events affecting airlines this month. Hawaiian Airlines reported a cyberattack on June 26, and Canada’s Westjet released a message that it had discovered a cyber event on June 13. The group could target other organizations directly or violate third parties in the supply chain to access.
“Anyone in the airline’s ecosystem, including trusted suppliers and contractors, could be at risk,” the FBI declaration warns.
“The FBI is actively working with aviation and industrial partners to tackle this activity and help victims. Early reporting allows the FBI to engage immediately, share intelligence throughout the industry and prevent further compromise. If you suspect your organization has been targeted, contact your local FBI office,” the statement says.
Back in May 2025, Google’s threat information group (TIG) also warned that scattered spider began to move its focus over to the United States.
