Hawaiian Airways has disclosed a cybersecurity incident simply because the US authorities and the safety trade issued a warning over the infamous Scattered Spider cybercrime group concentrating on the aviation sector.
Warnings over Scattered Spider assaults towards the aviation and transportation sectors have been issued over the weekend by the FBI, Google Cloud’s Mandiant, and Palo Alto Networks.
The FBI mentioned the cybercrime group has prolonged its concentrating on to the airline sector and urged the trade to succeed in out in the event that they uncover any indication of a hacker assault.
“Early reporting permits the FBI to have interaction promptly, share intelligence throughout the trade, and forestall additional compromise,” the FBI mentioned.
The company identified that Scattered Spider sometimes depends on social engineering methods to realize entry to the sufferer’s methods, noting that the hackers might goal airways’ trusted distributors and contractors as effectively.
Charles Carmakal, CTO of Mandiant Consulting, instructed SecurityWeek in an emailed assertion that “Mandiant is conscious of a number of incidents within the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider. We’re nonetheless engaged on attribution and evaluation, however given the behavior of this actor to deal with a single sector we recommend that the trade take steps instantly to harden methods.”
“The actor’s core ways, methods, and procedures have remained constant,” Carmakal famous. “Which means organizations can take proactive steps like coaching their assist desk workers to implement sturdy identification verification processes and deploying phishing-resistant MFA to defend towards these intrusions. Further recommendation may be present in our earlier hardening information.”
Hawaiian Airways, a subsidiary of Alaska Air Group, instructed the SEC late final week that it had recognized a cybersecurity incident affecting sure IT methods. Commercial. Scroll to proceed studying.
“Upon studying of this occasion, we instantly took steps to safeguard Hawaiian’s operations and methods. Flights are presently working safely and as scheduled. We’ve engaged the related authorities and specialists to help in our investigation and ongoing remediation efforts,” Hawaiian Airways mentioned, including that it has but to find out whether or not the incident may have a cloth affect.
It’s unclear whether or not Scattered Spider is behind the Hawaiian Airways hack, however Axios has discovered from sources that one other latest airline cyberattack — the WestJet incident — is probably going the work of the cybercrime group.
The Canadian airline WestJet, which operates scheduled, constitution, and cargo providers, reported earlier in June {that a} cyberattack had disrupted sure inner methods and impacted entry to its utility and web site, however didn’t affect operations.
American Airways additionally reported experiencing a “know-how subject” on Friday. The airline mentioned the incident had impacted connectivity for some methods, which led to some delays, however no flight cancelations. It’s nonetheless unclear if a cyberattack is in charge.
Scattered Spider made headlines in latest months after it was linked to the assaults on UK and US retailers.
Just a few weeks later, the cybersecurity neighborhood warned that Scattered Spider had shifted its focus to insurance coverage firms.
Associated: Ahold Delhaize Knowledge Breach Impacts 2.2 Million Individuals
Associated: 743,000 Impacted by McLaren Well being Care Knowledge Breach
Associated: Krispy Kreme Confirms Knowledge Breach After Ransomware Assault
