FBI working towards nabbing Scattered Spider hackers, official says

Send a link to a friend  Share

[May 11, 2024]  By Zeba Siddiqui

SAN FRANCISCO (Reuters) - The U.S. FBI is working towards charging hackers from the aggressive Scattered Spider criminal gang who are largely based in the U.S. and western countries and have breached dozens of American organizations, a senior official said.

The young hackers grabbed headlines last year when they broke into the systems of casino-operators MGM Resorts International and Caesars Entertainment, locking up the companies' systems and demanding hefty ransom payments. From health and telecom companies to financial services, they have hacked a range of organizations over two years, piling pressure on law enforcement agencies to thwart them.

"We are working towards charging individuals where we can with criminal conduct, in this case, largely around the Computer Fraud and Abuse Act," Brett Leatherman, the FBI's cyber deputy assistant director, told Reuters in an interview.

The group was a rare alliance of hackers in Western countries with veteran cybercriminals from eastern Europe, he said on the sidelines of the RSA Conference in San Francisco Wednesday.

"Often we don't see that mingling of geographical hackers working together outside the confines of like hacktivism, for example," he said.

Security researchers have tracked Scattered Spider since at least 2022 and say the group is far more aggressive than other cybercrime gangs - skilled especially at hijacking the identities of IT helpdesk staff to penetrate into company networks. Caesars paid around $15 million to free its systems from the hackers.

In chats with its victims the group has sometimes threatened physical violence, alarming some researchers.

There appeared to be a dip in the gang's activities in January, but they are going "pretty heavy right now," said Charles Carmakal, chief technology officer at Google's Mandiant security arm that has worked with several victims.

[to top of second column]

A projection of cyber code on a hooded man is pictured in this illustration picture taken on May 13, 2017. Capitalizing on spying tools believed to have been developed by the U.S. National Security Agency, hackers staged a cyber assault with a self-spreading malware that has infected tens of thousands of computers in nearly 100 countries. REUTERS/Kacper Pempel/Illustration//File Photo

The gang has targeted over 100 organizations in two years, gaining some level of access into all of them, and was successfully phishing people on a regular basis, he said.

Given the intensity of their attacks, some experts have criticized the lack of arrests, especially since they are based in Western countries.

Leatherman said private security firms were helping the FBI gather evidence.

"This is an incredibly important group for us to continue to look at disruption opportunities for," he said.

"We have a certain burden of proof we have to meet to conduct law enforcement operations. And we are heading in that direction as quickly as we can," he said.

There is one known arrest. In January the FBI charged 19-year-old Noah Urban from Florida for wire fraud, who Leatherman said was with Scattered Spider.

More arrests may be coming. Some of the gang's members are juveniles, but the FBI could use state and local laws to bring them to justice, said Leatherman.

"That's historically very, very effective," he said.

(Reporting by Zeba Siddiqui in San Francisco; Editing by Stephen Coates)

[© 2024 Thomson Reuters. All rights reserved.]This material may not be published, broadcast, rewritten or redistributed.  Thompson Reuters is solely responsible for this content.

Back to top