Stay informed of free updates
Just register at Cybersecurity Myft Digest – Delivered directly in your reception box.
The writer is director of Cambridge Cybercrime Center and professor of emerging damage at Cambridge University
In recent weeks, you may have heard the name “scattered spider” compared to continuous disruption at Marks and Spencer, the cooperative and the Harrodes. Although there has not yet been a public allocation for cyber attacks against British retail trade, there are speculation that the tactics used are similar to a vaguely affiliated online network of online disbelievers. Other reports suggest collaboration with another cybercrime group, DragonForce, which would provide ransomware as a service.
Sported Spider has been linked to breaches in a number of high -level companies and has infiltrated the collective imagination of cybersecurity, media and government professionals. However, its symbolic power – amplified by its striking name – prevails by far on its technical skills.
The size of the group’s alleged targets can give the impression that impressive hacking capacities are required. But the reports indicate that it enters organizations via rear doors by convincing involuntary employees to allow access.
This can be done by social engineering (manipulating people in the sharing of private information), targeted phishing, taking advantage of multi-factor fatigue and SIM exchange. These tactics are not new. They involve gentle employees, leading them to false websites in order to steal their references and take advantage of bad verification practices. None of these crimes requires highly qualified adversaries.
In the cybersecurity industry, however, marketing is everything. The names are chosen to invoke a visceral reaction and promote fear. This fear helps transform people to costly high -tech safety products.
The scattered spider is in fact not an official group which has been named. Its name was first invoked by the cybersecurity company Crowdstrike in 2022. You can even buy dispersed spiders’ figurines, t-shirts, mouse pads, cups and a roller board in the Crowdssrike online store. (Crowdsstrike, you may remember, was the company blamed for millions of offline computers last summer, disturbing airlines, media, health services and emergency call centers due to sloppy software update.)
It is not only Crowdsstrike who presents names for the groups involved in deviant behavior. Other security companies are jostling to choose the most catchy nickname, which will be splashed on the versions of the media and will ensure that their website leads the search results. The scattered spider has received many other names, notably Starfraud, UNC3944, Scatter Swine and Muddled Libra.
There are some exceptions. DragonForce seems to have been named, perhaps in order to gain notoriety and ward off a title chosen by the marketing department of a security company.
The names distributed to cyber-criminals gangs do not only describe their behavior, they can also shape it. These linguistic choices can inflate the symbolic capital of a group, granting legitimacy to its members, who are often adolescents or young adults in search of recognition and prestige by peers. For them, cybercrime can not only be a means of wealth but a rite of passage. The scattered spider is therefore amplified by the same industry designed to neutralize them.
Often, the high -tech services that the cybersecurity sector sells protect the front door, while offenders continue to sneak at the rear using low -technology methods.
In a world where affiliation with pirate groups can be a badge of honor, regardless of the country or language, offenders can be motivated by the reputation and recognition of peers. To combat cyber menses, we need better deterrence, as cybercrime offenders are generally confronted with any consequences for their crimes. World prosecution rates are extremely low. Many criminals completely escape surveys because their crimes are relatively low in value, although they are raised in volume.
An effective cross -border collaboration is essential to tackle all the most commonplace cybercrimes except the most commonplace, and the police must be formed to deal with it. We need a reactive ecosystem that can act in the early stages of security violations.
If we want to protect ourselves from the assault of cybercrime, we need both increased prosecution and a mature IT security industry which presents neither vulnerabilities nor provocative names.
