The Scattered Spider cyber crime group is extending its network intrusions to US insurance companies, following successful attacks on retailers. Initially targeting UK brands, this collective has now shifted focus, likely influenced by increased defenses in the retail sector. Google Threat Intelligence Group warns of the need for heightened vigilance, especially against social engineering tactics that aim at help desks and call centers within the insurance industry. The group assesses the value and vulnerability of targets rather than sticking to a particular sector.
Google Threat Intelligence Group is now aware of multiple intrusions in the US which bear all the hallmarks of Scattered Spider activity.
Given this actor's history of focusing on a sector at a time, the insurance industry should be on high alert, especially for social engineering schemes.
Scattered Spider doesn't care what industry their targets operate in beyond the simple calculation of 'can they pay?' and 'can we get in?'.
Recent shifts in the retail sector that have increased the perceived 'heat' and 'awareness' of the group may be informing the calculus to switch to one that is less prepared.
Collection
[
|
...
]