With the start of summer vacation, airlines are facing new threats. The FBI and cybersecurity company warn that a group of teen hackers known as scattered spiders are targeting the aviation industry.
Last Friday, the FBI issued an alert saying that cybercrime groups “expand their targets to industries that include airlines.” At least two airlines have been affected by cyber attacks. Westjet and Hawaiian Airlines both felt the impact of cybersecurity attacks attributed to the group. Hawaiian Airlines said the June 23 incident affected some of its IT systems, but the flights were “safe and on schedule.” On June 13, Air Canada Westjet released a statement reporting on the cyber attacks they continued to resolve, saying they have made “significant progress” in protecting their systems.
The scattered spiders are a group of hackers composed of teenagers and young people. Microsoft researchers once called the scattered spiders “one of the most dangerous financial crime groups.”
Mixable light speed
The group is known for its ransomware tactics. The FBI said hackers often pretend to be employees or contractors to “scam it to help the table” and gain access to the system. “Once inside, scattered spider actors steal sensitive data for ransomware and often deploy ransomware,” the statement continued.
Google’s cybersecurity division, Mandiant and Palo Alto Networks’ research unit 42 units said they have observed scattered spiders increasingly targeting the transportation sector.
6 largest cybersecurity vulnerabilities in 2025 so far
The FBI said it actively cooperates with aviation partners to address the rise in cybersecurity threats. They said in a statement that hackers can target airlines and their third-party IT providers, meaning “anyone in the airline ecosystem, including trusted suppliers and contractors, could be at risk.”
In September 2023, the scattered spiders were notorious when the group was linked to MGM Resorts and Caesars Entertainment, two famous Las Vegas casinos and hotels. MGM eventually had to pay about $15 million in ransom to solve the problem.
The group, which had previously targeted British retail giant Mark and Spencer, was recently suspected of being behind a violation of American insurance company Aflac.
