The myth of hacker genius

The writer is director of the Cambridge Cybercrime Centre

In recent weeks, you may have heard the name “Scattered Spider” in relation to the ongoing disruption at Marks and Spencer, Co-op and Harrods. While there has been no public attribution for the cyber attacks on the UK retail sector yet, it is speculated that the tactics used are similar to those of a network of affiliated online criminals that goes by this name. Other reports suggest collaboration with another cyber group, DragonForce, which supposedly provides ransomware as a service.

Scattered Spider has been linked to breaches at several high-profile companies and has infiltrated the collective imagination of cyber security professionals, the media and the government. However, its symbolic power, amplified by its striking name, far exceeds its technical ability.

The size of the group's supposed targets can make it look as though it has impressive hacking skills. But reports indicate that it gets into organizations through the back door, by convincing unwitting employees to enable access.

This can be done through social engineering (manipulating people into sharing private information), targeted phishing, exploiting multi-factor fatigue and SIM swapping. These tactics are not novel. They involve sweet-talking employees, leading them to fake websites to steal their credentials and taking advantage of poor verification practices. None of these crimes requires highly skilled adversaries.

However, in the cyber security industry, marketing is everything. Names are chosen to invoke a visceral reaction and promote fear. That fear helps to steer people towards expensive high-tech security products.

Scattered Spider is, in fact, not an official group that named itself. Its name was first invoked by the cyber security company CrowdStrike in 2022. You can even buy Scattered Spider figures, T-shirts, mice, cups and a skateboard from CrowdStrike's online store. (CrowdStrike, you may remember, is the company blamed for millions of computers going offline last summer, disrupting airlines, media, health services and emergency call centers because of a faulty software update.)

It is not just CrowdStrike that comes up with names for groups involved in deviant behavior. Other security companies come together to choose the catchiest nickname, which will be splashed across media releases and will ensure that their website appears in search results. Scattered Spider has received many other names, including Starfraud, UNC3944, Scatter Swine and Muddled Libra.

There are some exceptions. DragonForce seems to have named itself, perhaps in an attempt to gain notoriety and avoid a title chosen by the marketing department of a security company.

The names given to cyber gangs not only describe their behavior but can also shape it. These linguistic choices can inflate a group's symbolic capital, lending legitimacy to its members, who are often adolescents or young adults seeking peer recognition and prestige. For them, cybercrime can be not only a means to wealth but a rite of passage. Scattered Spider is therefore being amplified by the very industry that is designed to neutralize it.

Often, the high-tech services sold by the cyber security sector protect the front door, while criminals continue to slip in through the back using low-tech methods.

In a world where affiliation with hacker groups can be a badge of honor, regardless of country or language, criminals can be driven by reputation and peer recognition. To address cyber threats, we need better deterrence, since cyber criminals generally face no consequences for their crimes. Global prosecution rates are extremely low. Many criminals evade investigation completely, since their crimes are relatively low in value, despite being high in volume.

Effective cross-border collaboration is essential to address all but the most mundane cyber crimes, and the police must be trained to deal with this. We need a responsive ecosystem that can act in the early stages of security breaches.

If we want to protect ourselves from the onslaught of cyber crime, we require greater prosecution and a mature cyber security industry that does not introduce vulnerabilities or provocative names.