Scattered Spider Attacks - Four Arrested

Uploaded on 2025-07-11 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

British  police have made arrests for the cyber attack that caused major disruption at Marks & Spencer (M&S), the Co-op, the luxury goods store Harrods and more recently the Qantas airline. 

Four people were detained at their homes in the early hours of Thursday 10th July 2025 and their electronic devices were taken away. by the police. They were apprehended on suspicion of offences under the Computer Misuse Act, blackmail, money laundering and participating in the activities of an organised crime group. 

One of the suspects is a 19-year-old man from Latvia and the rest are from the UK. The National Crime Agency (NCA) has said that a 20-year-old woman was arrested in Staffordshire, and three males, aged between 17 and 19, were arrested in London and the West Midlands. The cyber criminals deployed ransomware affecting the company's IT networks making them unusable, unless a ransom was paid.

The chairman of M&S, Archie Norman, recently told UK Parliment MPs that it felt like the hack was aimed at business destruction and that M&S estimates it will cost £300m in lost profits. 

 M&S expects its operations to be affected until late July, with some IT systems not fully operational until October or November. The cyber attack on Harrods is though to have had less impact on its operations.

In expert comment, the CEO of HackerOne, Kara Sprague, said “When we fail to create visible, ethical pathways for curious young people with cybersecurity talent, some will take the wrong route, with life-changing consequences... Around the world, outdated laws and a lack of awareness leave too many aspiring hackers without a clear pathway to an ethical outlet for their talent. This gap harms individuals and deprives us of the talent we need in today’s threat landscape."
 
The use of AI to deploy new forms of cyber attack is lowering the barrier to entry for attackers while increasing complexity for defenders.

"Now more than ever, we need to meet the next generation of hackers where they are with programs, policies, and incentives that channel curiosity into contribution rather than criminal behaviour." Sprague concludes. 

BBC  |   MSN  |   ChronicleLive  |   NewsShopper  |   Yahoo  |   Standard  |  Guardian

Image:  Ideogram

You Might Also Read: 

Fraudsters Leverage Bots To Exploit Digital Marketing Campaigns:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« GitHub Exploited In Sophisticated Malware Campaign
Why Smarter Data Protection Is Now A Business Essential »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BMC Software

BMC Software

BMC provide solutions for IT service management, Cloud management, IT workload automation, IT operations, and mainframe system management.

Detectify

Detectify

Detectify is a web security service that simulates automated hacker attacks on your website, detecting critical security issues before real hackers do.

BehavioSec

BehavioSec

BehavioSec uses the way your customers type, swipe, and hold their devices, and enables them to authenticate themselves through their own behavior patterns.

Romanian Association for Electronic Industry & Software (ARIES)

Romanian Association for Electronic Industry & Software (ARIES)

ARIES is the Romanian Association for Electronic Industry and Software, the biggest and most influental organization created for the IT&C industry in Romania.

Rwanda Information Society Authority (RISA)

Rwanda Information Society Authority (RISA)

RISA is at the forefront of all ICT project implementation, research, infrastructure and innovation within the ICT sector in Rwanda.

Newtech Recycyling

Newtech Recycyling

Newtech Recycyling specializes in the removal and disposal of IT infrastructure which has reached the end of its life cycle.

Vector Informatik

Vector Informatik

Vector Informatik is a specialist in automotove electronics and provides services, embedded software and tools for securing embedded systems against cyber-attacks.

Cyber Threat Defense (CT Defense)

Cyber Threat Defense (CT Defense)

CT Defense specialize in penetration testing and security assessments.

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71) is Singapore's first cybersecurity entrepreneur hub.

Scout Ventures

Scout Ventures

Scout Ventures is an early stage venture capital firm that is making the world a better, safer place by cultivating standout frontier technologies.

OWN

OWN

OWN (formerly SEKOIA) is a major French player in cybersecurity providing tailor-made, informed and adapted cyber support thanks to its DNA of passionate and committed experts.

Fusion Risk Management

Fusion Risk Management

Fusion Risk Management focuses on operational resilience encompassing business continuity, risk management, IT risk, and crisis and incident management.

Clearnetwork

Clearnetwork

Clearnetwork specializes in managed cybersecurity solutions that enable both public and private organizations improve their security posture affordably.

KCS Group Europe

KCS Group Europe

KCS Group helps its clients to identify and deal with any risks, weaknesses and threats which could impact on the business financially or reputationally.

Sprinto

Sprinto

Ambitious tech companies all over the world trust Sprinto to power their security compliance programs and sprint through audits without breaking their stride.

Maro

Maro

The web is a dark and dangerous place. Step into the light with the first cognitive security platform that makes human risk visible, actionable, and shapeable.