By The Financial District
Sep 25, 20231 min
Around a year ago, the US security firm Palo Alto Networks began receiving reports from numerous companies that had fallen victim to unconventional hacking methods, as reported by Zeba Siddiqui and Raphael Satter for Reuters.
It was observed that the level of sophistication is typically more associated with nation-state actors rather than cybercriminals.
Native English-speaking hackers would contact a target company's information technology helpdesk while posing as employees and request login credentials by pretending to have lost their own.
They possessed all the necessary employee information to appear convincing.
Once they gained access, they swiftly infiltrated the company's most sensitive data repositories for the purpose of extortion.
While ransomware attacks are not novel, this group demonstrated an exceptional proficiency in social engineering and bypassing multi-factor authentication, according to Wendi Whitmore, the Senior Vice President of Palo Alto Networks' Unit 42 Threat Intelligence Team.
"They are considerably more sophisticated than the average cybercriminal actors. They appear to operate with discipline and organization in their attacks," she stated. "This level of sophistication is typically more associated with nation-state actors rather than cybercriminals."
Known in the security industry under various aliases such as Scattered Spider, Muddled Libra, and UNC3944, these hackers gained public attention earlier this month for breaching the systems of two of the world's largest gambling companies: MGM Resorts and Caesars Entertainment Ltd.