The FBI and leading cybersecurity firms are sounding the alarm: Scattered Spider, one of the most notorious hacking groups in recent years, has shifted its sights to the airline and transportation sectors.
In a short but urgent statement shared with TechCrunch on Friday, the FBI confirmed it had “recently observed” cyberattacks linked to the group hitting airlines.
Executives at Google’s cybersecurity arm, Mandiant, and Palo Alto Networks’ research unit, Unit 42, echoed the warning. They said they have seen fresh evidence of Scattered Spider targeting aviation companies, a troubling escalation given the group’s reputation for brazen and damaging attacks.
Scattered Spider is no ordinary hacking crew. It’s a loose collective of mostly English-speaking teenagers and young adults, driven by the lure of money and notoriety. They’ve built their reputation by breaking into major corporations, stealing sensitive data, and extorting victims—sometimes while making chilling threats of violence against employees to get what they want. Their methods often rely on social engineering and phishing, exploiting trust to pry open even the most secure systems.
“Anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk,” the FBI warned in its statement.
The threat is not theoretical. At least two airlines have already reported intrusions this month.
Late Thursday, Hawaiian Airlines disclosed it was scrambling to secure its systems after suffering a cyberattack. Meanwhile, Canada’s second-largest carrier, WestJet, has been battling an ongoing breach since June 13 that, according to media reports, has been linked to Scattered Spider.
For the aviation industry—where safety, schedules, and data are all intertwined—these attacks are more than just a financial threat. They bring the unsettling possibility of major disruptions and the exposure of personal passenger information.
This new wave of intrusions comes on the heels of Scattered Spider’s campaigns against the U.K. retail sector and insurance firms. Over the past year, the hackers have also hit hotel chains, casinos, and major technology companies, leaving a trail of chaos and ransom demands.
For many companies in transportation and beyond, the message couldn’t be clearer—or more urgent.
Stay vigilant. If you work with airlines or support their operations in any way, now is the time to strengthen defenses, double-check security training, and be ready to respond. Because as the FBI and security researchers have made clear, Scattered Spider isn’t slowing down—and no one wants to be the next victim.
Also Read : Meta Is Offering Multimillion-Dollar Pay for AI Researchers But Not $100M “Signing Bonuses”
