Scattered Spider Hackers Get Busy

Hackers associated with the group known as Scattered Spider are currently engaged in a wave of cyber-attacks that have affected some of the UK’s most prominent retailers, including Marks & Spencer, the Co-op, and Harrods. Cybersecurity experts warn that the same threat is now extending across the Atlantic, targeting retailers in the United States as well.

Google’s cybersecurity division, Mandiant, has confirmed that this pattern of attacks has shifted seamlessly from the UK into the US, consistent with the modus operandi of Scattered Spider assailants.

The group is believed to be behind the recent breaches, which have seen personal data stolen from affected organisations.

Data Breaches & Personal Information Compromised

Marks & Spencer (M&S) recently notified staff that some personal information may have been compromised during the attack, with email addresses and full names believed to be amongst the data stolen. Later disclosures revealed that thousands of customers’ personal information had also been accessed by the hackers, further underscoring the scope and severity of these breaches.

The Tactics Of Scattered Spider

The National Cyber Security Centre (NCSC) issued an advisory warning businesses across the UK to remain vigilant. The agency highlighted specific tactics employed by Scattered Spider, notably an approach where attackers call IT help desks pretending to be employees or contractors to obtain system access.

“These cyber threats, including extortion and ransomware, are among the most prevalent risks facing UK organisations today,” the NCSC warned. Their guidance urges companies to scrutinise how their help desks manage password resets, as this remains a common entry point exploited by cybercriminals.

About Scattered Spider

Unlike many ransomware groups traditionally linked to Russian and former Soviet states, Scattered Spider is characterised by its composition of native English speakers from countries such as the UK, US, and Canada. The gang uses a variety of hacking techniques rather than operating as a formal, homogeneous group.

The primary goal of ransomware gangs like Scattered Spider is to infect organisations' systems with malicious software that encrypts files. The attackers then demand payment in exchange for the decryption keys, often leading to significant data loss and operational disruption.

Challenges For Law Enforcement

Law enforcement agencies have found it difficult to track down and combat Scattered Spider. The group's amorphous structure, youthful membership, and the lack of cooperation from victims have hampered efforts to curtail their activities. 

Given their sophisticated social engineering tactics and dispersed structure, analysts warn that these cyber-attacks could continue to grow in frequency and intensity, especially with the increasing value of retail and consumer data.

The Growing Threat

With the retail sector increasingly targeted by cybercriminals, the importance of robust security measures becomes evident. The NCSC emphasises that cyber threats are opportunistic and indiscriminate, affecting businesses of all sizes - no organisation is immune to the risks posed by groups like Scattered Spider.

As these attacks expand into the US market, both UK and international companies are advised to reinforce their cybersecurity protocols to prevent becoming the next victim of this rising threat.

Google   |   NCSC  |   TechDigest  |   The Record  |   Guardian  |   MSN  
