Scattered Spider Attacks - Four Arrested

Uploaded on 2025-07-11 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

British  police have made arrests for the cyber attack that caused major disruption at Marks & Spencer (M&S), the Co-op, the luxury goods store Harrods and more recently the Qantas airline. 

Four people were detained at their homes in the early hours of Thursday 10th July 2025 and their electronic devices were taken away. by the police. They were apprehended on suspicion of offences under the Computer Misuse Act, blackmail, money laundering and participating in the activities of an organised crime group. 

One of the suspects is a 19-year-old man from Latvia and the rest are from the UK. The National Crime Agency (NCA) has said that a 20-year-old woman was arrested in Staffordshire, and three males, aged between 17 and 19, were arrested in London and the West Midlands. The cyber criminals deployed ransomware affecting the company's IT networks making them unusable, unless a ransom was paid.

The chairman of M&S, Archie Norman, recently told UK Parliment MPs that it felt like the hack was aimed at business destruction and that M&S estimates it will cost £300m in lost profits. 

 M&S expects its operations to be affected until late July, with some IT systems not fully operational until October or November. The cyber attack on Harrods is though to have had less impact on its operations.

In expert comment, the CEO of HackerOne, Kara Sprague, said “When we fail to create visible, ethical pathways for curious young people with cybersecurity talent, some will take the wrong route, with life-changing consequences... Around the world, outdated laws and a lack of awareness leave too many aspiring hackers without a clear pathway to an ethical outlet for their talent. This gap harms individuals and deprives us of the talent we need in today’s threat landscape."
 
The use of AI to deploy new forms of cyber attack is lowering the barrier to entry for attackers while increasing complexity for defenders.

"Now more than ever, we need to meet the next generation of hackers where they are with programs, policies, and incentives that channel curiosity into contribution rather than criminal behaviour." Sprague concludes. 

BBC  |   MSN  |   ChronicleLive  |   NewsShopper  |   Yahoo  |   Standard  |  Guardian

Image:  Ideogram

You Might Also Read: 

Fraudsters Leverage Bots To Exploit Digital Marketing Campaigns:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« GitHub Exploited In Sophisticated Malware Campaign
Why Smarter Data Protection Is Now A Business Essential »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ARC Advisory Group

ARC Advisory Group

ARC is a leading technology research and advisory firm with expertise in both information technologies (IT) and operational technologies (OT)

Exostar

Exostar

Exostar is the cloud platform of choice for secure enterprise and supply chain collaboration solutions and identity and access management expertise.

Assertion

Assertion

Assertion secures your collaboration (UC/CC) systems from cyber risks. Enforcing the right set of controls and monitoring them continually brings down risk to acceptable levels.

Elitecyber Group

Elitecyber Group

Elitecyber group is a team of Cyber Security recruitment experts who work for Cyber Security and Cyber Defence clients and candidates throughout Europe.

Aversafe

Aversafe

Aversafe provides individuals, employers and certificate issuers around the world with a first line of defense against credential fraud.

Wayra

Wayra

Wayra connects Telefónica and technological disruptors around the world. As their preferred strategic partner, we scale them up to accelerate their business and ours.

Virtue Security

Virtue Security

Virtue Security are specialists in web application penetration testing.

Airtel Secure

Airtel Secure

Airtel Secure’s multi-layered, full service cybersecurity offerings are designed to safeguard enterprises against threats of various kinds and origins.

CryptoDATA

CryptoDATA

CryptoDATA develops products and services based on Blockchain technology, that ensure user security and data encryption, applicable in various fields.

Scybers

Scybers

Scybers are a global cybersecurity advisory and managed services company. With our deep expertise, we help our clients reduce their cyber risks with confidence.

Varutra Consulting

Varutra Consulting

Varutra Consulting is an Cyber Security Consulting, Solutions and Training services firm, providing specialized security services for software, mobile and network.

Deepware

Deepware

Deepware is an emerging AI research company dedicated to exploring the potential of GenAI in both generation and detection.

Sword Group

Sword Group

Sword is a leader in data insights, digital transformation and technology services with a substantial reputation in complex IT, business projects and mission critical operations.

Whalebone

Whalebone

Whalebone develop user-centric, no-installation network security products for telcos, internet service providers, enterprises, public institutions, and governments.

Device42

Device42

Device42 is a trusted, advanced, and complete full-stack agentless discovery and dependency mapping platform for Hybrid IT.

HyperSphere

HyperSphere

HyperSphere Data Protect is a patented technology establishing the world’s first cyberstorage solution designed to make data resilient against AI and quantum threats.