Google warns US retailers as hackers behind UK attacks shift focus across the atlantic
WASHINGTON: Alphabet’s google has raised an alarm that the same group of hackers responsible for major disruptions to UK retailers are now turning their attention to American companies. The hackers, linked to the notorious “Scattered Spider” network, have developed a reputation for targeting the retail sector with aggressive and highly disruptive tactics, Google’s cybersecurity arm has warned.
John Hultquist, a leading analyst at google’s Mandiant cyber intelligence unit, stated in an email on Wednesday that American retailers should brace themselves for a wave of cyberattacks similar to those recently experienced in Britain.
“US retailers should take note. These actors are aggressive, creative, and particularly effective at circumventing mature security programmes,” said Hultquist, urging firms to strengthen their defences without delay.
Google said the hackers are associated with the group dubbed “Scattered Spider” – a loosely organised and highly flexible network of cybercriminals with varying degrees of technical sophistication. The group has been behind a string of attacks that have disrupted operations and inflicted severe financial and reputational damage on their victims.
In Britain, Scattered Spider is widely believed to have been responsible for the crippling cyberattack on Marks & Spencer (M&S), one of the most iconic names in British retail. Since 25 April, the retailer’s online services have been severely disrupted, with customers unable to place orders or access key services.
While M&S has yet to confirm the identity of the attackers, industry experts and analysts believe Scattered Spider’s hallmarks are all over the breach. The attack has left a significant dent in consumer confidence and highlighted the vulnerabilities even well-established brands face in the face of persistent cyber threats.
Hultquist warned that the group appears to have a history of focusing on one sector at a time, perfecting their methods before moving on to fresh targets. He suggested that the retail sector is likely to remain in their crosshairs for the foreseeable future.
“Given their pattern of behaviour, we expect Scattered Spider to continue to pursue retail companies, both in the UK and now increasingly in the US. The group’s tactics are constantly evolving, making them a formidable challenge for even the most robust security teams,” he said.
Scattered Spider is not new to high-profile attacks. In 2023, hackers linked to the group made global headlines when they successfully breached the systems of US casino giants MGM Resorts International and Caesars Entertainment, causing widespread outages, data leaks, and operational chaos.
What makes Scattered Spider particularly elusive, according to cyber experts, is the amorphous structure of the group. Rather than being a tightly knit collective, it comprises a network of hackers, often young and operating independently or in loose affiliation. This decentralised structure makes it difficult for law enforcement agencies to track them down or dismantle their operations effectively.
More Read
Furthermore, a persistent obstacle in combating such cybercrime has been the reluctance of victim companies to cooperate fully with authorities. This hesitancy, driven by concerns over reputational damage and financial fallout, has enabled groups like Scattered Spider to continue operating with relative impunity.
Despite international efforts to crack down on cybercrime, including greater cooperation between law enforcement agencies, tech firms, and cybersecurity companies, groups such as Scattered Spider have managed to stay ahead by exploiting gaps in defences and capitalising on the ever-growing digital footprint of companies across sectors.
Google’s latest warning comes as a stark reminder of the global nature of the cyber threat landscape and the need for continuous vigilance and investment in cybersecurity measures. With the group now setting its sights on the United States, retailers on both sides of the Atlantic are being urged to harden their systems and prepare for potentially severe disruptions.
As Hultquist concluded, “This is not a threat that’s going away anytime soon.”
