US Insurance Industry Warned of Scattered Spider Attacks

The threat actor known as Scattered Spider appears to have shifted its focus from the retail sector to insurance companies, according to a warning from Google’s Threat Intelligence Group.

Scattered Spider, tracked by Google and Mandiant as UNC3944, has been around for several years. Its activities have apparently been paused at times, particularly following law enforcement actions, but the hackers are now once again highly active.

The threat group is known for the use of sophisticated social engineering tactics, and its current focus appears to be on ransomware and data theft extortion.

After the recent attacks targeting major UK retailers Co-op, Harrods and M&S were linked to Scattered Spider — and a potentially affiliated ransomware group named DragonForce — Google warned that the hackers had turned their attention to retailers in the United States.

Now, roughly one month later, the tech giant has issued a fresh warning after its Threat Intelligence ...