Scattered Spider, who’s believed to be accountable for several cyberattacks against the retail sector in current months, has apparently shifted targets to the insurance coverage sector.
In an X post from Chief Analyst John Hultquist of Google Menace Intelligence Group, he warns that the group could intend to focus on the insurance coverage sector and work “their approach via.”
Hulquist advises that insurance coverage organizations “must be looking out for social engineering schemes focusing on their name facilities.”
Under, safety leaders focus on the obvious shift in targets from Scattered Spider.
Safety Leaders Weigh In
Fletcher Davis, Senior Safety Analysis Supervisor at BeyondTrust:
Insurance coverage firms are enticing targets for Scattered Spider as a result of they deal with huge quantities of delicate buyer information, together with private data, monetary information, and well being information, which may be focused for information theft and extortion. Insurance coverage firms typically have massive assist desk and outsourced IT capabilities which can be vulnerable to social engineering assaults, which align immediately with Scattered Spider’s competencies and playbooks. The worldwide and sophisticated construction of many of those insurance coverage corporations makes complete safety and detection of malicious exercise considerably tough as nicely.
Dave Gerry, CEO at Bugcrowd:
Scattered Spider’s shift to focusing on the insurance coverage business, as famous by Google’s Menace Intelligence Group, raises severe cybersecurity considerations. They’ve been exploiting vulnerabilities with social engineering techniques, specializing in assist desks and name facilities, the place the human is oftentimes the weakest hyperlink.
Current incidents, just like the breach at Erie Insurance coverage, spotlight the urgency for enhanced defenses and strong incident response plans throughout the insurance coverage sector. It’s essential for firms to bolster their defenses in opposition to evolving threats like these and notice that workers proceed to be more and more focused.
Ben Hutchison, Affiliate Principal Marketing consultant at Black Duck:
Sadly, it isn’t unusual for a selected business sector and courses of organizations to endure from an upsurge of comparable assaults, or seemingly focused assaults, in phases of risk actor operations. They might be thought-about victims of the second, as sadly as soon as a selected assault or risk actor group has been profitable in compromising a particular goal/sector, this will function motivation each for others to interact in comparable efforts and for the precise risk actor to double down on their efforts and launch assaults in opposition to comparable targets. Given the current rising development in assaults focusing on retail organizations and the insurance coverage business, these organizations ought to deal with this as one more wakeup name to make sure they’re prioritizing their cybersecurity and digital resiliency.
