Tech leaders Google and Palo Alto Networks have raised alarms over targeted cyberattacks against the aviation industry by the hacking group “Scattered Spider.” Cybersecurity experts from both companies reported that the group, also known as Muddled Libra or UNC3944, has been actively targeting aviation and transport sector firms in recent incidents.
While no specific companies were officially named, Hawaiian Airlines and Canada’s WestJet have both recently disclosed cyber incidents, sparking speculation about a possible connection. Details remain sparse, with both airlines choosing not to comment on the extent of the breaches or attribution to Scattered Spider.
Track record of disruption
Scattered Spider has previously caused significant disruptions. In 2023, the group infiltrated major US casino chains MGM Resorts and Caesars Entertainment, impacting services and paralyzing operations. Earlier in 2024, it was linked to cyberattacks against several major British retailers. Known for its aggressive methods, the group is believed to comprise young hackers from Western countries, operating in a loosely coordinated manner.
Palo Alto’s Unit 42 and Google’s Mandiant unit have both independently observed activity consistent with the group’s past operations. These include sophisticated intrusion tactics targeting high-value infrastructure.
Also read: Hawaiian Airlines Reports Cybersecurity Incident
Implications for global aviation
The aviation sector, already managing complex logistics and regulatory compliance, faces a growing cybersecurity threat landscape. The recent warnings underscore the need for airlines and aviation-related entities to reassess their cybersecurity protocols, increase monitoring, and prepare for highly targeted, persistent threat actors.
Cybersecurity experts recommend adopting a multi-layered defense strategy, including zero trust architecture, continuous endpoint monitoring, and threat intelligence sharing across industry peers.
As global digital infrastructure continues to expand, aviation and transportation companies are becoming increasingly attractive targets for sophisticated threat groups like Scattered Spider. Proactive threat management and collaboration between public and private sectors remain critical.
