
Washington, D.C. | June 28, 2025
🛰️ The Move
The FBI and major cybersecurity firms have issued a warning that Scattered Spider, a prolific cybercrime group known for high-impact attacks, is now actively targeting airlines and the wider transportation sector.
📡 The Signal
- Actors Involved: FBI, Google’s Mandiant, and Palo Alto Networks’ Unit 42 confirm observed attacks on aviation systems.
- Nature of Threat: Cyberattacks involve social engineering, phishing, and extortion; group sometimes uses threats of violence to access internal systems.
- Targets: Airlines and third-party IT vendors within the broader airline ecosystem.
- Confirmed Incidents: Hawaiian Airlines and Canada’s WestJet both reported cyber intrusions in June; WestJet’s attack remains unresolved.
- Attribution: Scattered Spider, an English-speaking, financially motivated hacking collective often made up of young adults.
🎙️ Reactions
“The threat is not limited to carriers themselves, but extends to contractors and trusted partners within the industry,” said the FBI in a statement to TechCrunch.
📚 The Context
Scattered Spider recently shifted focus from targeting retail and insurance sectors to aviation — part of a broader pattern of opportunistic high-profile attacks.