Last week, a UK national was arrested in East London and subsequently charged with multiple counts by both British and US authorities. In the case of the former, it is in connection with a cyber attack against Transport for London's systems in 2024, whereas the US Department of Justice has filed charges of "conspiracies to commit computer fraud, wire fraud, and money laundering."
With the global statistics of cyber attacks and ransomware crime showing no signs of decline or plateauing, authorities in different countries typically work with each other in order to solve such cases. Just recently, the UK's National Crime Agency reported on the arrest of London-based Thalha Jubair over the cyberattack on Transport for London's (TfL) online ticket system in 2024.
However, Jubair has also been charged by US authorities. "[He] is alleged to have participated in a sweeping cyber extortion scheme carried out by a group known as Scattered Spider, which committed at least 120 attacks worldwide and resulted in over $115 million in ransom payments from victims," said Acting Assistant Attorney General Matthew R. Galeotti of the US Justice Department’s Criminal Division.
Scattered Spider is an undefined group, in terms of size and fluidity of its organisation, that's claimed to be behind a number of cyberattacks and ransomware activities, predominantly targeting infrastructure, tech, and retail companies around the world (though mostly in the US and UK). It uses a wide range of tools and techniques to gain access to systems, to carry out data extortion.
While it is unclear what penalty UK prosecutors will be demanding when Jubair's case is brought to court later in the year, the US case against him—computer fraud conspiracy, two counts of computer fraud, wire fraud conspiracy, two counts of wire fraud, and money laundering conspiracy—carries a maximum penalty of 95 years in prison, if found guilty on all counts.
However, the likelihood that the arrest and court cases will help to reduce the number of cyberattacks against large companies is almost certainly going to be very low. That's because Scattered Spider isn't a cohesive group of hackers all working under the same banner; the name itself is technically applied to any threat actor who has used a specific set of tactics and tools.
Although it's impossible to tell just how many individuals are behind all of the major cyber attacks, the availability of the tools and techniques required to carry out the activities suggests that finding another 'member' for Scattered Spider won't be a difficult or lengthy task.
Most cyber attacks, especially those concerning ransomware, are unsuccessful, but for every one that is, the cost of the data loss or the size of the ransom demand seems to be increasing in size. There are fairly standard measures that organisations can take to combat the problem, as well as on an individual basis, especially since phishing is still the primary method for gaining entry to data.
It might feel onerous to treat every email or message you get with suspicion these days, but it's a far smaller price to pay than what could happen.
1. Best gaming laptop: Razer Blade 16
2. Best gaming PC: HP Omen 35L
3. Best handheld gaming PC: Lenovo Legion Go S SteamOS ed.
4. Best mini PC: Minisforum AtomMan G7 PT
5. Best VR headset: Meta Quest 3
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
