A notorious cybercrime collective, Scattered Spider, is under scrutiny in the UK for its alleged role in several high-profile hacks against retailers, including Marks & Spencer and Harrods.
The UK’s National Crime Agency (NCA) has identified a hacker community known as Scattered Spider as a key suspect in the recent cyber-attacks against UK retailers, including Marks & Spencer, Co-op, and Harrods.
The Rise of Scattered Spider
Scattered Spider is a loose collective of native English-speaking cybercriminals who have been linked to several high-profile hacks. The group’s use of platforms such as Discord and Telegram for communication has made it easier for them to coordinate their efforts and operate as a collective.
Investigation into the M&S Hack
Detectives believe that the Scattered Spider hackers deployed ransomware, also known as ‘malicious software’, in the M&S hack. This is unusual for this group, which is typically associated with Russian-speaking gangs. The use of ransomware-as-a-service operations, where hackers use another group’s malware and infrastructure in exchange for a cut of any financial proceeds from the attack, has also been reported.
Google’s Warning
Google has warned that UK-based members of Scattered Spider are actively facilitating cyber-attacks, including attempts to enter systems of UK retailers. The company has also noted that these attacks are now being replicated in the US.
The Scope of the Investigation
The NCA is investigating the group and gathering evidence to identify the offenders. Paul Foster, head of the NCA’s national cybercrime unit, stated that catching those behind the attacks is the agency’s top priority.
The Role of Younger Members
Google has also reported that younger members of the network are carrying out tasks such as ringing up a company’s IT help desk and pretending to be an employee or contractor in order to gain access to computer systems.
