A cybercrime group known as Scattered Spider has shifted its focus from retailers to insurance companies, raising new concerns in the cybersecurity world. Recent attacks on Erie Insurance, Philadelphia Insurance Companies, and Aflac highlight this worrying trend, according to experts from Google’s Threat Intelligence Group.
Scattered Spider is a loosely connected group of hackers that has caused trouble for big retail names like United Natural Foods, Marks & Spencer, Adidas, and Victoria’s Secret. They often work with DragonForce, a ransomware service, to carry out their attacks. Now, they appear to be turning their attention to the insurance sector.
John Hultquist, a top analyst at Google’s cybersecurity team Mandiant, shared on social media that these hackers are targeting insurance firms with social engineering schemes, especially aimed at call centers. The goal is to trick employees into giving up access to sensitive information.
Keith Wojcieszek, a global threat intelligence leader at Kroll, told Insurance Journal that one insurance company recently fell victim to a phishing attack. Once inside, the hackers used the access to learn more about the company’s structure, helping them plan further attacks.
Insurance companies hold a treasure trove of personal and financial data. They also collect detailed information about the companies they insure, including insights into those companies’ cybersecurity setups. This knowledge, experts warn, can help criminals figure out how to attack other businesses.
While there are growing worries about cyberattacks from Iran following recent political events, Hultquist says Scattered Spider remains a bigger immediate threat. He points out that this group is already disrupting businesses and even causing shortages on store shelves.
With insurance companies facing these new challenges, experts stress the importance of heightened vigilance. Understanding the tactics used by groups like Scattered Spider could be key to stopping future cyberattacks and protecting valuable data.