Four people were arrested in the UK on Thursday as part of a National Crime Agency investigation into April’s high-profile cyberattack spree against retail giants Harrods, Marks & Spencer and Co-op.
The suspects – two 19-year-old men, a 17-year-old man and a 20-year-old woman – are being held on suspicion of violating the Computer Misuse Act, blackmail, money laundering and participating in organised crime activities, according to the NCA.
They are believed to be affiliated with the notorious cybercrime gang Scattered Spider, which cyber security experts have linked to the hacks of the three retailers and subsequent attacks on US retailers and global insurance and aviation businesses.
Police arrested the suspects at their homes in West Midlands and London, seizing multiple electronic devices that will be analysed for forensic evidence.
“Since these attacks took place, specialist NCA cybercrime investigators have been working at pace and the investigation remains one of the agency’s highest priorities,” said Deputy Director Paul Foster in a statement.
The West Midlands Regional Organised Crime Unit and the East Midlands Special Operations Unit assisted the NCA in the operation.
Foster said the arrests marked a significant step in the probe, although work continues with partner agencies in the UK and elsewhere to identify and arrest more suspected hackers.
“Their aggressive social engineering tactics and relentless pursuit of access have proven particularly challenging for many defenders, and resulted in considerable damage to organisations in the UK and US,” said Charles Carmakal, CTO at Mandiant Consulting. “This action by law enforcement underscores the critical importance of international collaboration in combating cybercrime.”
Members of the Scattered Spider group have been arrested in the past, including a 23-year-old from Scotland who was extradited to the US in April after being held in Spain since last year.
“Hacking is not a victimless crime,” a spokesperson for Co-op told Cybersecurity Dive via e-mail. “Throughout this period, we have engaged fully with the NCA, and relevant authorities and are pleased on behalf of our members to see this had led to these arrests today.”
The chairman of M&S, one of the first victims in this year’s hacking spree, told a House of Commons subcommittee this week that the cyberattacks were likely the work of a ransomware group called DragonForce, working in cooperation with Scattered Spider.
Scattered Spider is believed to be a decentralised collective with English-speaking members across the UK and the US, making it unclear whether the four people arrested were involved in any additional attacks.
Cybersecurity Dive
Click Here For The Original Source.
