Cybercriminals target American retailers after U.K. hacking spree
Add Axios as your preferred source to
see more of our stories on Google.
Hackers who have been wreaking havoc on British retailers in recent weeks are now targeting this side of the pond, Google and other security firms started warning last week.
Why it matters: The notorious cybercriminal gang behind the attacks, Scattered Spider, has a history of successfully stealing reams of data and prompting business disruptions at several major companies.
Driving the news: Google started warning on Wednesday that Scattered Spider was now starting to go after major American retailers.
- This warning followed a wave of cyberattacks targeting at least three major British retailers in the last month, including Marks & Spencer, Harrods and Co-op.
- "Shields up, U.S. retailers," John Hultquist, chief analyst at Google Threat Intelligence Group, wrote on X. "They're here."
Zoom in: Scattered Spider has already attacked multiple U.S. retail companies in the last two weeks, according to CNN.
- The FBI has stepped up cyber intelligence briefings for major retailers, CNN said. And Ahold Delhaize USA, the parent company of the Giant and Food Lion grocery chains, was among the targets.
- "Many companies have taken steps to harden themselves against these criminal groups' tactics over the past two years," Christian Beckner, vice president of retail technology and cybersecurity at the National Retail Federation, said in a statement.
Threat level: Scattered Spider has quite the rap sheet, despite being made up of hackers predominantly in their teens and early 20s.
- Officials say Scattered Spider was behind the 2023 attacks on MGM Resorts and Caesars Entertainment.
- It's not yet known how the hackers are targeting the retail sector, but the group has expanded it tactics in the last year to include targeting enterprise software.
The intrigue: Scattered Spider has been pretty quiet since the U.S. charged five of its members in November.
What's next: Google is hosting a webinar tomorrow diving into what's happening and how retailers can harden their networks to avert a cyberattack.
- Palo Alto Networks is hosting a similar webinar on Thursday.
