CyberCube Identifies High-Risk Sectors for Scattered Spider Ransomware Attacks: Manufacturing, Education, IT, and Retail Top the List
CyberCube, a leading global provider of cyber risk analytics, has identified the Manufacturing, Education, IT, and Retail sectors as the most vulnerable to attacks from Scattered Spider, a rapidly evolving extortion group. Since April 2023, Scattered Spider has expanded its operations across various industries, causing significant financial losses through sophisticated social engineering tactics like help desk impersonation and authentication bypass. CyberCube's advanced Portfolio Threat Actor Intelligence (PTI) solution has assessed a portfolio of about 15,000 companies from key global markets, including the USA, UK, Canada, Australia, Germany, France, Japan, and Singapore. The analysis revealed that 2% of companies with annual revenues exceeding $500 million are at the highest risk of being targeted by Scattered Spider. These 287 companies use at least three technologies frequently exploited by the group and exhibit notable security vulnerabilities that could facilitate a full attack lifecycle. Another 7% (1,037 companies) are considered medium-risk, using at least one of the group's preferred technologies but showing weaker security postures that might allow partial attack progression. William Altman, Head of Cyber Threat Intelligence Services at CyberCube, highlighted the strategic importance of these findings for cyber (re)insurers. "By pinpointing high-risk companies, insurers can proactively manage their exposure and encourage better security practices. This approach goes beyond sector-based risk assessments and focuses on the specific technological and security conditions that make companies susceptible," Altman noted in a blog post detailing the analysis. CyberCube’s PTI leverages AI to map the behavior of cyber threat actors and identify the most commonly targeted technologies. Integrated into the CyberCube Concierge Threat Intelligence service, PTI offers a tailored solution for the insurance industry, helping portfolio managers understand and mitigate cyber risks more effectively. Established in 2015 within Symantec, CyberCube now operates independently and serves over 100 insurance institutions worldwide, providing tools to translate complex cyber threats into clear, actionable strategies that quantify financial impacts on businesses and broader markets. The company's robust data ecosystem and stringent model validation processes have made it a trusted name in the field. With investments from firms like Forgepoint Capital, HSCM Bermuda, and Morgan Stanley Tactical Value, CyberCube continues to innovate and expand its offerings to enhance cyber risk management. Industry experts and insurers alike agree that CyberCube's detailed risk analysis and proactive approach are crucial in today's rapidly changing threat landscape. By focusing on specific technological footprints and security postures, companies can better prepare for and defend against emerging threats like Scattered Spider, ultimately reducing the likelihood and impact of cyberattacks. For more information on CyberCube and its services, visit www.cybcube.com or contact them at info@cybcube.com.