Ex-IDF cyber chief on Iran, Scattered Spider, and why social engineering worries him more than 0-days

Interview Scattered Spider and Iranian government-backed cyber units have more in common than a recent uptick in hacking activity, according to Ariel Parnes, a former colonel in the Israeli Defense Forces' cyber unit 8200.

Both the financially motivated crew and Tehran's APT groups excel at social engineering attacks, and are proof positive that cybercriminals don't necessarily need to use zero-days to inflict damage.

"One of the famous cases in Israel was with an insurance company," Parnes, co-founder and COO at cloud threat detection and response firm Mitiga, told The Register. 

He's referring to an Iranian hack-and-leak operation in late 2020 against Israeli insurance company Shirbit, which insured employees of Israel's Defense Ministry — although it's worth noting that Scattered Spider also had a more recent run of digital intrusions into American insurance firms.

An Iran government-backed group "stole data, leveraging social engineering and one day vulnerabilities ...