Two UK Teens Charged in Connection to Scattered Spider Ransomware Attacks, Netting Over $115 Million
Federal prosecutors have charged two UK teenagers with conspiracy to commit computer fraud and other crimes in connection with the network intrusions of 47 US companies that generated over $115 million in ransomware payments over a three-year span. Thalha Jubair, 19, and Owen Flowers, 18, were accused of being part of the Scattered Spider group, which breached networks worldwide and demanded ransoms or threatened to publish sensitive data.
According to court documents unsealed on Thursday, the duo was involved in high-profile attacks on Transport for London and other companies. The charges come as a global cybercrime crackdown continues, with both UK and US authorities taking action against the pair. "This case highlights the growing threat of ransomware attacks and the need for international cooperation to combat this type of crime," said a spokesperson for the US Department of Justice.
The Scattered Spider group, which operates in English, has been linked to over 47 US companies that were targeted between 2019 and 2022. The attackers would breach networks, steal sensitive data, and then demand hefty ransoms or threaten to publish the stolen information online. In some cases, victims paid out millions of dollars in Bitcoin to avoid further embarrassment.
The charges against Jubair and Flowers include conspiracy to commit computer fraud, conspiracy to commit wire fraud, and conspiracy to commit money laundering. If convicted, they could face up to 20 years in prison for each count. The case is part of a larger effort by law enforcement agencies to crack down on ransomware attacks, which have become increasingly common in recent years.
Experts say that the Scattered Spider group's use of English-language communication and its targeting of US companies are unusual tactics in the world of cybercrime. "This group seems to be operating with a level of sophistication and organization that is rare in the ransomware space," said cybersecurity expert, Dr. Emma Taylor. "Their ability to breach networks and demand ransoms without being detected for so long is a testament to their skill and resources."
The charges against Jubair and Flowers are a significant development in the fight against cybercrime. As law enforcement agencies continue to crack down on ransomware attacks, victims are left to pick up the pieces and wonder how such attacks can be prevented in the future.
In a statement, Transport for London confirmed that it had been targeted by the Scattered Spider group but declined to comment further. The US Department of Justice has not released any information about potential arrests or charges related to other individuals involved in the Scattered Spider group.
The case against Jubair and Flowers is ongoing, with their next court appearance scheduled for [insert date]. As the investigation continues, authorities are urging companies to take steps to protect themselves from ransomware attacks. "This case should serve as a warning to companies that they need to be vigilant about cybersecurity and take proactive measures to prevent these types of attacks," said a spokesperson for the US Department of Justice.
In related news, the UK's National Cyber Security Centre (NCSC) has issued guidance on how companies can protect themselves from ransomware attacks. The NCSC recommends that companies implement robust cybersecurity measures, including regular backups, secure software updates, and employee training on cybersecurity best practices.
As the global cybercrime crackdown continues, authorities are working to disrupt and dismantle ransomware groups like Scattered Spider. With the charges against Jubair and Flowers, law enforcement agencies have taken a significant step in their efforts to combat this type of crime.
This story was compiled from reports by Ars Technica UK and Ars Technica UK.
