FBI working towards nabbing Scattered Spider hackers, official says
Send a link to a friend
[May 11, 2024]
By Zeba Siddiqui
SAN FRANCISCO (Reuters) - The U.S. FBI is working towards charging
hackers from the aggressive Scattered Spider criminal gang who are
largely based in the U.S. and western countries and have breached dozens
of American organizations, a senior official said.
The young hackers grabbed headlines last year when they broke into the
systems of casino-operators MGM Resorts International and Caesars
Entertainment, locking up the companies' systems and demanding hefty
ransom payments. From health and telecom companies to financial
services, they have hacked a range of organizations over two years,
piling pressure on law enforcement agencies to thwart them.
"We are working towards charging individuals where we can with criminal
conduct, in this case, largely around the Computer Fraud and Abuse Act,"
Brett Leatherman, the FBI's cyber deputy assistant director, told
Reuters in an interview.
The group was a rare alliance of hackers in Western countries with
veteran cybercriminals from eastern Europe, he said on the sidelines of
the RSA Conference in San Francisco Wednesday.
"Often we don't see that mingling of geographical hackers working
together outside the confines of like hacktivism, for example," he said.
Security researchers have tracked Scattered Spider since at least 2022
and say the group is far more aggressive than other cybercrime gangs -
skilled especially at hijacking the identities of IT helpdesk staff to
penetrate into company networks. Caesars paid around $15 million to free
its systems from the hackers.
In chats with its victims the group has sometimes threatened physical
violence, alarming some researchers.
There appeared to be a dip in the gang's activities in January, but they
are going "pretty heavy right now," said Charles Carmakal, chief
technology officer at Google's Mandiant security arm that has worked
with several victims.
[to top of second column]
|
A projection of cyber code on a hooded man is pictured in this
illustration picture taken on May 13, 2017. Capitalizing on spying
tools believed to have been developed by the U.S. National Security
Agency, hackers staged a cyber assault with a self-spreading malware
that has infected tens of thousands of computers in nearly 100
countries. REUTERS/Kacper Pempel/Illustration//File Photo
The gang has targeted over 100 organizations in two years, gaining
some level of access into all of them, and was successfully phishing
people on a regular basis, he said.
Given the intensity of their attacks, some experts have criticized
the lack of arrests, especially since they are based in Western
countries.
Leatherman said private security firms were helping the FBI gather
evidence.
"This is an incredibly important group for us to continue to look at
disruption opportunities for," he said.
"We have a certain burden of proof we have to meet to conduct law
enforcement operations. And we are heading in that direction as
quickly as we can," he said.
There is one known arrest. In January the FBI charged 19-year-old
Noah Urban from Florida for wire fraud, who Leatherman said was with
Scattered Spider.
More arrests may be coming. Some of the gang's members are
juveniles, but the FBI could use state and local laws to bring them
to justice, said Leatherman.
"That's historically very, very effective," he said.
(Reporting by Zeba Siddiqui in San Francisco; Editing by Stephen
Coates)
[© 2024 Thomson Reuters. All rights reserved.]This material
may not be published, broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content. |