Recommended reading

FBI warns Scattered Spider hackers are now going after airlines

News
By published

Scattered Spider is hunting for new victims in the US

A metal spider standing on a printed circuit board
(Image credit: Shutterstock)
  • Scattered Spider may be moving its focus to the US
  • The FBI has warned the airline and transport industry to remain vigilant
  • Two airlines have already been breached in June 2025

The Scattered Spider cybercriminals are now targeting US airlines and transportation after moving its crosshairs from UK retailers, the FBI and security firms are warning.

The group previously hit Marks & Spencer, Co-op, and Harrods causing widespread system outages and empty shelves.

The FBI advisory warns it had “recently observed” cyberattacks that shared similarities with the aforementioned attacks, with Google’s Mandiant and Palo Alto Networks’ Unit 42 echoing the bureaus’ warning.

Scattered Spider switches targets

The group’s members include English speaking young adults who are financially motivated. The group uses phishing and social engineering techniques to gain access to networks where they wreak havoc, steal data, and deploy ransomware. There is no organized structure to the group with the members being part of a wider organization known as “the Com”.

The FBI’s warning follows two cyber incidents affecting airlines this month. Hawaiian Airlines reported a cyberattack on June 26, and Canada’s WestJet released a notice that it had detected a cyber incident on June 13. The group could target other organizations directly, or breach third-parties in the supply chain to gain access.

“Anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk,” the FBI statement warns.

“The FBI is actively working with aviation and industry partners to address this activity and assist victims. Early reporting allows the FBI to engage promptly, share intelligence across the industry, and prevent further compromise. If you suspect your organization has been targeted, please contact your local FBI office,” the statement says.

Back in May 2025, Google’s Threat Intelligence Group (TIG) also warned that Scattered Spider was starting to move its focus over to the US.

You might also like

Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.