Google has warned that the hacking group responsible for major disruptions to UK retailers is now turning its focus toward similar targets in the United States.
According to John Hultquist, an analyst at Google’s cybersecurity division, the group, linked to the notorious “Scattered Spider” network, is showing increasing aggression and sophistication in bypassing even the most mature security systems.
The group, which is believed to have orchestrated the recent cyberattack on British retailer Marks & Spencer, has a known pattern of targeting specific sectors over sustained periods. Hultquist cautioned that U.S. retailers could face continued pressure as the group intensifies its activities across the Atlantic.
Scattered Spider-affiliated hackers have already made headlines in the United States. In 2023, they were tied to high-profile breaches at MGM Resorts International and Caesars Entertainment, both of which suffered significant operational disruptions.
Despite the group’s track record, law enforcement agencies have found it challenging to rein in its members, largely due to their decentralized structure, youthful demographic, and a lack of transparency from affected businesses.
The FBI and the Cybersecurity and Infrastructure Security Agency declined to comment on the latest developments. However, U.S. industry bodies are taking the threat seriously. Christian Beckner, a vice president at the National Retail Federation, confirmed that U.S. retailers have been closely monitoring the situation in the UK and are aware of the cross-border nature of the threat.
Meanwhile, the Retail & Hospitality Information Sharing and Analysis Center (ISAC), which includes major companies such as Albertsons, Costco, McDonald’s, and Lowe’s, is coordinating with Google to organize a security briefing for its members. The initiative underscores the rising urgency among American retailers to shore up their cybersecurity defenses in the face of mounting risks from sophisticated hacking collectives.
