The FBI has issued a warning that the hacker group Scattered Spider is expanding its cyberattacks to target airlines.
The alert was released on Friday, with federal officials emphasizing the group’s growing focus on the airline industry.
Scattered Spider is known for its use of social engineering tactics, often impersonating employees or contractors to trick IT help desks.
These tactics frequently include methods to bypass multi-factor authentication (MFA), such as persuading help desk personnel to add unauthorized MFA devices to compromised accounts.
The FBI stated the group targets large corporations and their third-party IT providers, putting the entire airline ecosystem—including vendors and contractors—at risk.
Once inside a system, Scattered Spider actors steal sensitive data to extort victims and often deploy ransomware.
“These techniques frequently involve methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts. They target large corporations and their third-party IT providers, which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk,” the FBI said in a statement on X.
“Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware. The FBI is actively working with aviation and industry partners