🟠 High  |  Source: The Register — Security


Two British members of the Scattered Spider cybercrime group have been sentenced to prison for their roles in the 2023 ransomware attack on Transport for London (TfL), which caused widespread disruption and exposed sensitive customer data. The conviction marks the largest cybercrime prosecution in UK legal history. Scattered Spider is a loosely organised, English-speaking threat group known for sophisticated social engineering and identity-based attacks targeting major organisations.

Security Architect’s Take: Scattered Spider’s hallmark is bypassing technical controls through social engineering of helpdesks and identity providers — review your MFA reset and account recovery procedures immediately, enforce phishing-resistant MFA (e.g. FIDO2) across all privileged access paths, and ensure helpdesk staff follow strict identity verification protocols before any credential or MFA changes are made.

Original advisory: Brit Scattered Spider duo handed tickets to prison over Transport for London attack