In recent months, a group of hackers called Scattered Spider is believed to have broken into the systems of major corporations, including MGM Resorts, Caesars Entertainment, Clorox and others. The Federal Bureau of Investigation (FBI) has struggled to nab the group members even though it is believed they are based in the US and other Western countries.The agency has now warned companies to guard against the group.
As a part of its investigation, the FBI has asked victims of cyberattacks to share more details about the incidents, an official said.
“If we don’t get detailed, timely and accurate information as to these intrusions, we are not able to take actions on those,” an FBI official was quoted as saying.
“They make mistakes just like we do, so the more data that we have coming in, the better able we’re able to make those connections and execute actions against those actions,” the official added.
Why Scattered Spider is a problem
The hacking group is highly-skilled and vigilant in their operations, making it difficult for FBI to stop these hackers. According to a report by news agency Reuters, they use fake profiles and impersonations to trick a victim organisation’s help desk into giving them access.
After gaining access into an organisation’s systems, the hacking group keep an eye on internal communication channels such as Slack, Microsoft Teams and Microsoft Exchange online.
They also keep a tab on emails or conversations that might show if their breach had been discovered, said a joint statement by the FBI and US Cybersecurity and Infrastructure Security Agency (CISA), that sheds light into how these hackers operate.
The criminals “frequently join incident remediation and response calls and teleconferences, likely to identify how security teams are hunting them and proactively develop new avenues of intrusion in response to victim defenses,” it added.
What FBI, CISA are doing
Apart from urging victim organisations to share information such as a sample ransom note, communications with the hackers, their cryptocurrency wallet information, or samples of malicious files, the FBI and CISA urged critical infrastructure organisations to implement security measures they recommended.
“FBI and CISA do not encourage paying ransom as payment does not guarantee victim files will be recovered,” they said.
As a part of its investigation, the FBI has asked victims of cyberattacks to share more details about the incidents, an official said.
“If we don’t get detailed, timely and accurate information as to these intrusions, we are not able to take actions on those,” an FBI official was quoted as saying.
“They make mistakes just like we do, so the more data that we have coming in, the better able we’re able to make those connections and execute actions against those actions,” the official added.
Why Scattered Spider is a problem
The hacking group is highly-skilled and vigilant in their operations, making it difficult for FBI to stop these hackers. According to a report by news agency Reuters, they use fake profiles and impersonations to trick a victim organisation’s help desk into giving them access.
After gaining access into an organisation’s systems, the hacking group keep an eye on internal communication channels such as Slack, Microsoft Teams and Microsoft Exchange online.
They also keep a tab on emails or conversations that might show if their breach had been discovered, said a joint statement by the FBI and US Cybersecurity and Infrastructure Security Agency (CISA), that sheds light into how these hackers operate.
The criminals “frequently join incident remediation and response calls and teleconferences, likely to identify how security teams are hunting them and proactively develop new avenues of intrusion in response to victim defenses,” it added.
What FBI, CISA are doing
Apart from urging victim organisations to share information such as a sample ransom note, communications with the hackers, their cryptocurrency wallet information, or samples of malicious files, the FBI and CISA urged critical infrastructure organisations to implement security measures they recommended.
“FBI and CISA do not encourage paying ransom as payment does not guarantee victim files will be recovered,” they said.
Denial of responsibility! TechCodex is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
Alex Smith is a writer and editor with over 10 years of experience. He has written extensively on a variety of topics, including technology, business, and personal finance. His work has been published in a number of magazines and newspapers, and he is also the author of two books. Alex is passionate about helping people learn and grow, and he believes that writing is a powerful tool for communication and understanding.
