Scattered Spider Hackers Target Insurance Firms In A Vicious Ransomware Web

A few months ago, a group of cybercriminals, Scattered Spider, launched sophisticated cyber attacks that bypassed key security infrastructures of several retail companies in the UK. The group has become even more notorious and has reportedly launched a new wave of attacks targeting insurance companies in the United States.

The first company to be hit in this wave of Spider attacks in the UK was Marks and Spencer back in February of this year. In the attack, the gang exploited a vulnerability caused by a vendor's employee error. This error allowed the gang to impersonate key personnel and disable the multiple-factor authentication( MFA) shield protecting IT systems. The gang is reputable for deploying social engineering tactics to lure employees and security personnel into taking actions that will compromise their security infrastructures.

Google threat intelligence researcher John Hultquist has observed the same mode of attacks reported in the UK sweeping ...