Airlines are directly in hackers’ crosshairs, FBI warns

As summer holidays kick into gear, airlines are facing a new threat. A teen hacking group known as Scattered Spider is targeting the airline industry, the FBI and cybersecurity firms have warned.

Last Friday, the FBI issued an alert saying that the cybercriminal group is "expanding its targeting to include the airline sector." At least two airlines have already been affected by cyberattacks. Both WestJet and Hawaiian Airlines have felt the impact of cybersecurity attacks attributed to this group. Hawaiian Airlines said that a June 23 incident affected some of its IT systems, but flights operated "safely and as scheduled". On June 13, WestJet, a Canadian airline, released a statement reporting a cyberattack that they have continued to address, saying they made "significant progress" in safeguarding their systems.

Scattered Spider is a collective of hackers comprised of teenagers and young adults. Microsoft researchers once called Scattered Spider "one of the most dangerous financial criminal groups."

The group is known for its extortion tactics. The hackers often impersonate employees or contractors to "deceive IT help desks" and gain access to systems, says the FBI. "Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware," continued the statement.

Google's cybersecurity unit, Mandiant and Palo Alto Networks' research division, Unit 42 both stated that they observed Scattered Spider increasingly targeting the transportation sector.

The FBI said actively working with aviation partners to address the uptick in cybersecurity threats. In the statement, they said the hackers could target both airlines and their third-party IT providers, which means "anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk."

In September 2023, Scattered Spider gained notoriety when the group was linked to multimillion-dollar hacks on MGM Resorts and Caesars Entertainment, two well-known Las Vegas casinos and hotels. MGM ultimately had to pay a ransom of around $15 million to resolve the issue.

The group has previously targeted UK retail giant Marks & Spencer, and was recently suspected to be behind a breach hitting US insurance company Aflac.