At least two North American airlines have been victims of criminal hackers recently as cybersecurity companies warn that a notorious cybercriminal group has been targeting the aviation industry.
Westjet and Hawaii airlines both said in June statements that they are responding to cyberattacks.
American Airlines also experienced a tech issue on Friday, though it’s unclear if it was related or caused in any way by hackers.
“A technology issue is affecting connectivity for some of our systems and we are working with our partners to fully resolve the issue,” an American Airlines spokesperson said in a statement. “Though we are experiencing delays as a result, we have not canceled any flights at this time.”
Cybersecurity companies that work directly with companies hit by hackers usually refrain from talking about specific victims, citing nondisclosure agreements. But both Google and Palo Alto Networks said Friday that they have observed a particularly effective cybercriminal group, nicknamed Scattered Spider by the cybersecurity industry, that tries to hack companies involved in aviation.
Scattered Spider is a loosely affiliated group of young, mostly English-speaking men who are extremely adept at sweet-talking their way into sensitive computer access at large companies. From there, they often hand that access to outside cybercriminals who install ransomware — malicious software that locks up computers, rendering them inoperable — and then demand an extortion payment.
The group has been tied to attacks on Las Vegas casinos in 2023 and British department stores earlier this year. After Google warned that Scattered Spider was targeting American retailers, a cyberattack hobbled a top Whole Foods supplier, leading to empty shelves across the country.
Charles Carmakal, the chief technology officer of Mandiant, Google’s cloud security company, said in an emailed statement that it was tracking “multiple incidents in the airline and transportation sector” where Scattered Spider had broken in.
“We are still working on attribution and analysis, but given the habit of this actor to focus on a single sector we suggest that the industry take steps immediately to harden systems,” he said.
Details on the effects of the attacks on airlines are still sparse.
A WestJet spokesperson told NBC News in an email that the company first noticed it had been hacked on June 13 and has made “significant progress” to resolve it. Hawaiian Airlines said in a Friday filing with the Securities and Exchange Commission that it discovered on Monday that it had been hacked and that “Flights are currently operating safely and as scheduled.”
Neither company responded to questions about whether any flights had been canceled or delayed because of the attacks.
The post North American Airlines targeted by cyberattacks appeared first on NBC News.
