Cybersecurity experts, including Charles Carmakal from Mandiant, warned that the ransomware group Scattered Spider is now targeting the aviation industry, previously noted for its focus on the retail and insurance sectors. Multiple incidents in the airline sector reflect Scattered Spider's tactics. Experts urge the industry to strengthen identity verification processes and be vigilant against social engineering and MFA reset requests. Sam Rubin from Palo Alto Networks' Unit 42 corroborated this trend, stressing that all sectors need to fortify their defenses against evolving cyber threats.
"Mandiant is aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider," said Carmakal via LinkedIn.
"Organizations should be on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests," Rubin stated.
"Defenders in every vertical should bolster their cyber defenses against these attacks," the guidance went on to say.
Carmakal recommended that industries tighten their identity verification processes and other security measures to prevent threat actors from exploiting vulnerabilities.
Collection
[
|
...
]