Threat group linked to UK, US retail attacks now targeting insurance industry

Scattered Spider’s New Target: The Insurance Sector

Recent Developments in Cybersecurity Threats

The insurance industry finds itself in the crosshairs of cyber miscreants. A collective known as Scattered Spider, which previously targeted retailers, is now focusing on insurers. Google researchers have confirmed this new threat, revealing that multiple incidents have already occurred.

Wave of Intrusions

John Hultquist, a chief analyst at Google, stated that the group’s hallmark is evident and that it is now shifting its efforts towards the insurance sector. This transition calls for heightened vigilance, especially against social engineering schemes aimed at call centres and help desks.

History and Tactics of Scattered Spider

Previous Targets

Previously, Scattered Spider was linked to attacks on MGM Resorts and casino companies. Their modus operandi involves sophisticated social-engineering techniques.

Tactics

The group frequently deploys methods designed to trick IT personnel. These tactics coax individuals into revealing sensitive credentials and often bypass multifactor authentication.

Recent Advisory

In May, Mandiant issued a guide for security teams. This document focused on countering the methods commonly used by this elusive group.

Current Investigations and Alerts

Erie Insurance’s Response

Earlier in June, Erie Insurance uncovered what seemed to be a cyberattack. The company, active across 12 states, serves over 7 million policyholders. After detecting unusual activity, it is collaborating with law enforcement to pinpoint the origin of this network incident.

Safety Measures

Customers are urged to stay vigilant. Erie emphasised that it would not request payments via phone or email. It advised against clicking links from unfamiliar sources or sharing personal information.

Additional Considerations and Future Outlook

Social Engineering Threats

Given the group’s history of focusing on one sector after another, organisations should remain wary. Its emphasis on social engineering demands constant awareness and robust countermeasures.

Broader Implications

Google’s revelation coincides with a Securities and Exchange Commission filing by Erie Insurance. The firm is evaluating the incident’s full impact, though no blame has been assigned to a specific actor.

Insurance companies must now navigate this precarious landscape. With attackers utilising increasingly cunning strategies, the need for enhanced security measures has never been more critical.