Scattered Spider Strikes Again: Build Cyber Resilience Against Advanced Threat Actors

The hacker group Scattered Spider is back in action and has launched a new campaign. You might remember them from when they hit the news last year. They were the group behind the notorious attacks on MGM Resorts International and Caesars Entertainment in Las Vegas, Nevada. This time, their focus is on critical organizations within the financial and healthcare industries. Since April 20th, 29 companies have been targeted, many of which are major banks and insurance companies. While this is not the first time finance and healthcare industries have been a target, it illustrates an unsettling rise in these sophisticated cyber threats.

Who is Scattered Spider

Scattered Spider (also known as Octo Tempest or UNC3944) is a financially motivated threat actor group founded in May 2022. Operatives are thought to be based in the United Kingdom and the United States and between the ages of 19 and 22.

“Scattered Spider threat actors leverage third-party software to facilitate lateral movement and maintain persistence on a target organization's network.” ~ CISA, Joint Cybersecurity Advisory

Why This Matters

As these attackers evolve, they're not just a threat to casinos but now to the backbone of our critical infrastructure. Their tactics? Elaborate social engineering, assisted by AI, designed to steal credentials. Once this happens, they don’t have to hack; they log in.

According to a 2024 IBM report, attacks leveraging valid credentials surged by a staggering 71% year-over-year.

This alarming trend underscores our urgent need to evolve our strategies with heightened vigilance and specialized security measures. Relying solely on enterprise-wide Single Sign-On (SSO) solutions is no longer enough, and strong passwords are no longer enough either.

Organizations must fortify their data protection infrastructure with dedicated security controls. This includes Multi-Factor Authentication (MFA), Multi-Person Authorization (MPA), Privileged Access Management (PAM), and other robust defenses. They must also implement fundamentals like Zero Trust, immutability, anomaly detection, and malware scanning. Above all, they must leverage new technologies to stay ahead of the threat actors and their innovative tactics. For a comprehensive list of the foundational security and data protection controls you need to implement, check out the Cyber Recovery checklist.

Strengthen Your Cyber Resilience with Veritas

Last month, Veritas unveiled a series of new capabilities designed to combat these ever-evolving cyber threats. Our new AI-powered product solutions include:

  1. An Adaptive Self-Defense Solution
  2. Improved Entropy Anomaly Detection
  3. A new GenAI-Powered Operational Copilot

Veritas also announced new cyber resiliency assessment and recovery services, and new security ecosystem partners. These solutions ensure you are prepared to be resilient in the face of an attack and set up with tools that proactively prevent attacks.

If you missed our most recent announcement, check out the full broadcast on-demand: Achieving Cyber Resilience with Zero Doubt.

Subscribe to the Veritas Cyber Resiliency Newsletter on LinkedIn for continuing insights on enterprise-grade cyber resilience.

Tim Burlowski
Global Lead Cyber Resilience and Data Protection Strategy