LONDON: CyberCube, the global leader in cyber risk analytics, has identified Manufacturing, Education, IT, and Retail as the sectors most at risk of attacks from Scattered Spider, the versatile extortion crew behind the recent spate of high-profile hacks.

Scattered Spider has evolved from a newly identified social‑engineering crew in 2022 into one of the most aggressive ransomware‑and‑extortion outfits on today’s threat landscape. Since April this year, Scattered Spider has been moving swiftly across industries, leaving financial losses in its wake. The group has expanded its campaigns across seemingly unrelated sectors, including retail, insurance, and airlines, using sophisticated social engineering tactics such as help desk impersonation and authentication bypass to infiltrate high-value corporate networks.

Cyber risk exposure managers can leverage CyberCube's Portfolio Threat Actor Intelligence (PTI) solution to pinpoint organizations in their portfolios most at risk of being targeted by Scattered Spider. CyberCube has analyzed a portfolio of approximately 15,000 companies from key global markets, segmenting them into risk tiers based on their exposure to Scattered Spider, specifically their technology footprint and observed security weaknesses.

The analysis found that 2% of companies with revenues over $500 million across eight key cyber (re)insurance markets — USA, UK, Canada, Australia, Germany, France, Japan, and Singapore — face the highest likelihood of being targeted by Scattered Spider.

CyberCube identified 287 high-risk companies (2%) that use three or more technologies frequently targeted by Scattered Spider, combined with security lapses the group is known to exploit. Notably, high-risk companies also tolerate security conditions that may allow the threat actor to complete critical steps across the attack lifecycle and ultimately achieve their objectives. Medium-risk companies (1,037, or 7%) use at least one of the group’s preferred technologies and exhibit security weaknesses that could enable only partial progression through the attack lifecycle. In a blog published online, CyberCube has also provided an industry breakdown of the high-risk companies for potential Scattered Spider attacks.

William Altman, Head of Cyber Threat Intelligence Services and blog author, said: “CyberCube’s analysis reveals both a current cluster of elevated risk in the market and a strategic opportunity for cyber (re)insurers to act preemptively by managing exposure and incentivizing better security before Scattered Spider strikes again. For portfolio managers, our findings reinforce the need to move beyond broad sector assumptions and focus on mapping technological and security posture overlaps across seemingly unrelated sectors and insureds.”

Portfolio Threat Actor Intelligence (PTI) harnesses the power of Artificial Intelligence (AI) to map the behaviour of cyber threat actors and the technologies they most frequently target. It is included as part of the CyberCube Concierge Threat Intelligence service — a first-of-its-kind offering designed specifically for the unique needs of cyber (re)insurers, built by experts in cyber threat intelligence, risk, and insurance.

CyberCube’s blog can be found here: CyberCube: 2% of Large Firms at Highest Scattered Spider Risk.

About CyberCube

CyberCube is the leading provider of software-as-a-service cyber risk analytics to quantify cyber risk in financial terms. Driven by data and informed by insight, we have harnessed the power of artificial intelligence to supplement our multi-disciplinary team. Our clients rely on our solutions to make informed decisions about managing and transferring cyber risks. We unpack complex cyber threats into clear, actionable strategies, translating cyber risk into financial impact on businesses, markets, and society as a whole.

The CyberCube platform was established in 2015 within Symantec and now operates as a standalone company. Our models are built on an unparalleled ecosystem of data and validated by extensive model calibration, internally and externally. CyberCube is the leader in cyber risk quantification for the insurance industry, serving over 100 insurance institutions globally. The company’s investors include Forgepoint Capital, HSCM Bermuda and Morgan Stanley Tactical Value. For more information, please visit www.cybcube.com or email info@cybcube.com.

Fonte: Business Wire