The FBI has identified at least 12 members of the “Scattered Spider” hacking group but has not made any arrests, despite the group’s presence in the US and other Western countries. This information comes from a report by Reuters. Scattered Spider has been targeting corporations for two years and gained notoriety for its ransomware attacks on MGM Resorts International and Caesars Entertainment in September of this year.
MGM Resorts International refused to pay the ransom and was able to regain control of its systems after several days of disruption. The attack caused an estimated $100 million worth of damage. On the other hand, Caesars Entertainment paid a ransom of around $15 million to restore normal services, according to The Wall Street Journal.
The group, also known as Octo Tempest, engages in various criminal activities such as ransomware, sextortion, and phone scams. They communicate their activities on public forums like Telegram and Discord. The FBI has been investigating the group, known as “the Com,” for some time, but the recent casino attacks have increased pressure on the agency. This has led to frustration among cybersecurity sources who have spoken to Reuters about the lack of arrests.
Michael Sentonas, president of CrowdStrike, a cybersecurity firm tracking the group, believes that the lack of arrests points to a “failure” of law enforcement. He mentioned that despite being a small group, they are causing significant disruption.
Casinos are prime targets for cybercriminals due to the vast amount of data they possess through loyalty programs and the credit card-intensive nature of hotel bookings. However, Scattered Spider is unique in that its members are mainly English-speaking, whereas high-profile cybercrime has traditionally been associated with East European criminal gangs or state-sponsored attacks orchestrated by China, North Korea, or Iran.