What is ‘Scattered Spiders’?

Nov. 20, 2023

The Federal Bureau of Investigation (FBI) recently issued a warning to organisations about a hacking group called Scattered Spiders.

About Scattered Spiders:

  • It is a hacking group notorious for invading various organisations across the world.
  • This hacker group is known by other aliases as well, including Starfraud, UNC3944, Scatter Swine, and Muddled Libra
  • The members are as young as 16 years old and primary English speakers.
  • They break into the IT environments of victims, exfiltrate as much valuable data as possible, and then demand payment to keep a lid on that information and not leak or sell it.
  • Modus operandi:
    • They use fake profiles and impersonations to trick a victim organisation's help desk into giving them access.
    • After gaining access to an organisation's systems, hackers keep an eye on internal communication channels.
    • They also keep a tab on emails or conversations that might show if their breach has been discovered.
    • The criminals “frequently join incident remediation and response calls and teleconferences, likely to identify how security teams are hunting them and proactively develop new avenues of intrusion in response to victim defenses.
  • How to stay safe?
    • Maintain offline backups of data.
    • Require all accounts to have password logins.
    • Use longer passwords consisting of at least eight characters and no more than 64 characters in length.
    • Require phishing-resistant multifactor authentication (MFA).
    • Keep all operating systems, software, and firmware up to date.
    • Disable hyperlinks in emails.
    • Keep all data encrypted.