Charles Carmakal, Chief Technology Officer at Mandiant Consulting-Google Cloud, confirmed that his company is “aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider.” The group has demonstrated a consistent pattern of focusing intensively on single industries before moving to new sectors. Cybersecurity experts and federal authorities are sounding urgent alarms as the notorious Scattered Spider hackers have pivoted to targeting the aviation and transportation sectors, marking a dangerous escalation in their operations. The FBI has confirmed that the cybercriminal group, also known as UNC3944, has expanded its targeting to include the airline sector, employing sophisticated social engineering techniques to breach major carriers and transportation firms. The guidance emphasizes the urgent need for organizations to tighten help desk identity verification processes prior to adding new phone numbers to employee accounts, resetting passwords, or providing employee information that could enable subsequent social engineering attacks. As Scattered Spider continues its aggressive campaign, the aviation industry faces an unprecedented cybersecurity challenge that demands immediate action to protect critical infrastructure and passenger data. Scattered Spider relies heavily on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting unauthorized access. ALERT—The FBI has recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector.
This Cyber News was published on cybersecuritynews.com. Publication date: Sat, 28 Jun 2025 02:40:18 +0000