The FBI has raised concerns about the cybercrime group Scattered Spider expanding its targets to the airline industry. Through social engineering techniques, such as impersonating employees, the group tricks IT help desks into granting access to secure accounts. This method often bypasses multi-factor authentication and poses a significant threat to third-party IT providers who serve large organizations. Cybersecurity experts urge aviation companies to strengthen their help desk processes to mitigate the risk of data theft and ransomware attacks from such tactics.
"These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access," the FBI said.
Mandiant's Charles Carma urged organizations to tighten their help desk identity verification processes, warning that these could be exploited for social engineering attacks.
Collection
[
|
...
]