Scattered Spider Casino Hackers Remain at Large

The names Scattered Spider and Octo Tempest skyrocketed in notoriety after the devastating attack on high-profile casinos like Caesars and MGM Resorts International. While a recent Reuters report noted that the FBI had identified some members, the group remains active. The lack of arrests following their most recent attacks leaves industry experts baffled as the gambling industry struggles to adapt to this new threat.

Law Enforcement Has Been Slow to React

The Scattered Spider group, active since 2021, gained significant attention following its attacks on high-profile US companies. The MGM breach incurred an estimated $100 million in damages, and Caesars reportedly paid around $15 million in ransom to regain system access. These attacks also caused significant disruptions, damaging the operators’ public image.

American cybersecurity firms like CrowdStrike, Alphabet’s Mandiant, ZeroFox, and Microsoft have been working tirelessly to respond to the breaches, collecting evidence regarding the hackers’ identities and aiding law enforcement efforts. ZeroFox CEO James Foster noted that the FBI had limited qualified manpower, explaining the lack of decisive action.

“Law enforcement… has all the tools and resources they need to be successful in going after cyber criminals. They just don’t have enough people.”

James Foster, ZeroFox CEO

While the FBI has been investigating the gaming company hacks for over a year, it has declined to comment on the larger group or the current status of the investigation. Similarly, the Department of Justice chose not to share its thoughts or progress regarding its measures to counteract the increasingly bolder cyberattacks. 

The Gambling Sector Remains a Prime Target

The loose structure of the Scattered Spider group complicates investigations, as it comprises small clusters of individuals collaborating intermittently on specific tasks. The hackers mainly operate in Western countries, including the United States, communicating via messaging apps like Telegram and Discord. Recent reports highlight the group’s aggressive tactics, including threats of violence and ransom demands.

Security analysts have identified victims across various industries, with roughly 230 organizations affected since the group’s activities began. Some victims have been hesitant to cooperate with authorities, further complicating investigations. The gambling sector has been a prime target as many operators have outdated systems, and their staff lacks the necessary training to avoid security breaches. 

Law enforcement officials continue to grapple with these challenges as they strive to dismantle this aggressive cybercrime group and bring its members to justice. Meanwhile, the gambling sector scrambles to adapt to this new threat, focusing on improved personnel training to halt social engineering attacks. However, Scattered Spider’s continued attacks mean many operators remain in danger.