Google’s cybersecurity team has issued a serious warning to US retailers about a new wave of cyberattacks. These attacks, similar to those recently crippling UK businesses, involve ransomware and extortion.
Hackers Targeting American Businesses
Analyst John Hultquist from Google’s threat analysis group delivered a stark message: “Shields up US retailers. They’re here.” The attacks are believed to be the work of a hacking group known as Scattered Spider (or UNC3944).
The Scattered Spider’s Tactics
Initially focusing on telecom companies for SIM swap scams, Scattered Spider has broadened its targets and tactics. Since early 2023, the group has been using ransomware and data theft to extort money from various industries. Google’s report notes a pattern of the group focusing on specific sectors for periods of time, recently targeting financial services and, more recently, the food service industry. They’ve also targeted big-name brands, possibly to boost their profile.
DragonForce Ransomware
The attacks on UK retailers involved the DragonForce ransomware. Reports suggest that those behind DragonForce claimed responsibility for attempted attacks on multiple UK retail businesses. This same tactic is now being used against US retailers.
What Retailers Should Do
While the article doesn’t offer specific advice, the urgency of the warning suggests retailers should immediately review their cybersecurity measures and be vigilant against suspicious activity. The potential for significant financial and reputational damage underscores the seriousness of this threat.