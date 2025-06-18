Comment: Insurers now Scattered Spider target, warns Google’s Threat Intel Group

June 2025 by Jon Abbott, CEO, ThreatAware

News has emerged that Google’s Threat Intelligence Group (GTIG) is warning of incidents of threat actors breaching multiple US companies in the insurance industry using tactics observed with Scattered Spider activity – according to GTIG’s Chief Analyst, “the insurance industry should be on high alert”, because the group tends to approach one sector at a time.

“The rising tide of attacks on US insurers is a serious threat the sector must address - and a warning for other industries to stay vigilant.

These attackers tend to target one sector at a time, and no industry is immune. Previous successes in retail and entertainment, against the likes of M&S, Caesars and MGM, highlights one critical truth: cyber hygiene matters more than the tools already deployed and working.

They don’t rely on advanced exploits, but instead use fast moving social engineering tactics to bypass weak helpdesk protocols and identity checks.

Defence must start with the fundamentals. Accurate asset inventories, tamper-proof identity verification and hardened service desk processes are all essential. Security teams must also monitor for behavioural anomalies, like unexpected access requests or administrative changes, rather than just relying on traditional malware detection.

Most importantly, insurers need to cultivate a culture of security awareness across all teams.

Visibility, processes and people – not just tech - are the real lines of defence against Scattered Spider”