Scattered Spider hackers hit airlines and transportation next.
Google’s Mandiant and Palo Alto Networks’ Unit 42 warn this teenage-led cybercrime crew is now targeting aviation companies. The group uses social engineering, phishing, and even threats of violence to break into networks.
Hawaiian Airlines confirmed a cyberattack this week. Canada’s WestJet reported an ongoing, unresolved breach from June 13, linked to Scattered Spider by multiple sources. 
The gang just finished hitting UK retailers and insurers. Before that, they broke into hotels, casinos, and tech firms.
The attack wave on airlines comes as both Hawaiian Airlines and WestJet scramble to secure systems and contain damage.
Charles Carmakal at Mandiant shared on LinkedIn:
Scattered Spider is a financially motivated criminal collective that targets organizations through social engineering and deceptive tactics, focusing on stealing and extorting sensitive data.
Their shift to the aviation sector signals an increased risk to transport infrastructure.
WestJet also issued a public advisory about the ongoing incident. Hawaiian Airlines’ statement said it’s working to secure systems after the attack.
Expect more cyberattacks in transport. Scattered Spider shows no signs of slowing.
