Particle.news
Download on the App Store
11 ARTICLES
·
yesterday

Scattered Spider Hackers Breach North American Airlines

The FBI supported by top security firms is urging airlines to tighten help desk authentication following late June strikes at WestJet, Hawaiian Airlines

Travelers at a Westjet check-in counter in Toronto Pearson International Airport on June 30, 2024.
A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013. REUTERS/Pawel Kopczynski/Illustration/File Photo
A Hawaiian Airlines Airbus A330-200 takes off at San Francisco International Airport, San Francisco, California, February 16, 2015.
A Hawaiian Airlines plane en route to Honolulu on March 15, 2025.

Overview

  • The FBI and cybersecurity firms have confirmed that the Scattered Spider collective targeted the aviation sector in coordinated late-June attacks.
  • WestJet reported an ongoing breach since June 13 and Hawaiian Airlines disclosed an IT systems compromise this month with no impact on flight safety.
  • Scattered Spider operatives use social engineering to impersonate employees at help desks and bypass multi-factor authentication via unauthorized device additions.
  • Mandiant and Palo Alto Networks recommend airlines strengthen help desk identity verification, secure self-service password resets, and reinforce authentication processes.
  • The group’s shift to airlines follows recent retail and insurance intrusions, underscoring the challenges of defending critical infrastructure from agile social engineering threats.