Particle.news
Download on the App Store
11 ARTICLES
·
15h ago

Scattered Spider Targets Airlines as FBI Issues Sectorwide Warning

The FBI has urged carriers to tighten help desk protocols; bolster multi-factor authentication; restrict unauthorized device enrollments following recent airline network intrusions.

Travelers at a Westjet check-in counter in Toronto Pearson International Airport on June 30, 2024.
A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013. REUTERS/Pawel Kopczynski/Illustration/File Photo
A Hawaiian Airlines Airbus A330-200 takes off at San Francisco International Airport, San Francisco, California, February 16, 2015.
A Hawaiian Airlines plane en route to Honolulu on March 15, 2025.

Overview

  • Scattered Spider has moved from retail and insurance into aviation and transportation, marking a sector-by-sector escalation in its hacking campaign.
  • WestJet disclosed a June 12 breach that disrupted internal services and its mobile app after attackers exploited self-service password resets to add unauthorized MFA devices.
  • Hawaiian Airlines reported a June 23 intrusion affecting select IT systems and said flight operations and passenger safety remained unaffected.
  • American Airlines is grappling with an IT outage of unclear origin during a surge of suspected Scattered Spider incidents in the airline ecosystem.
  • FBI, Mandiant and Palo Alto Networks’ Unit 42 have called on airlines and their contractors to fortify help desk identity verification, bolster multi-factor authentication and ban unauthorized MFA device enrollments.