Brief Overview

• Scattered Spider has adopted novel ransomware and social engineering strategies.
• DragonForce ransomware is now included in their resources.
• New strategies involve impersonating staff to deceive IT support.
• Remote access applications like AnyDesk and Teleport.sh are utilized to avoid detection.
• The RattyRAT trojan improves their sustained access abilities.
• Targets feature Snowflake data cloud and VMware ESXi servers.
• Connections to the Com online criminal network are recognized.
• The FBI cautions about a Com subgroup, Hacker Com, connected to ransomware-as-a-service.

Progression of Cyber Threats

The Scattered Spider collective, noted for its advanced cyber assaults, has bolstered its inventory with new ransomware and social engineering approaches, as reported by the Australian Cyber Security Centre (ACSC) and various Western entities.

Innovative Tactics and Approaches

Recently, Scattered Spider has begun employing DragonForce ransomware, utilized post data exfiltration for blackmail. Interaction with targeted entities takes place via The Onion Router (TOR), email, or encrypted messaging applications.

Data Exfiltration and Manipulation

This group transfers data to platforms like Mega.nz and Amazon S3. They have refined their social engineering methods, posing as personnel to influence IT helpdesks into resetting passwords and shifting MFA tokens.

Enhanced Tools for Concealment

Scattered Spider employs legitimate remote access tools such as AnyDesk and Teleport.sh to hide their activities. The Java-based trojan RattyRAT is also utilized to sustain undetected access.

Focusing on Cloud and Server Systems

The group aims at Snowflake data cloud for swift data exfiltration and encrypts VMware ESXi servers to heighten the urgency for ransom settlements. They create false user profiles and social media accounts to preserve access.

Advice for Organizations

To mitigate these threats, organizations are advised to implement phishing-resistant MFA, prohibit unauthorized software, and keep offline backups, as suggested by security agencies.

Connections to Criminal Syndicates

Scattered Spider is associated with the Com online criminal network, which recruits through channels like Roblox and Discord. A subgroup, Hacker Com, participates in ransomware-as-a-service and other illicit activities such as DDoS assaults and SIM swapping.

FBI Alerts

The FBI has circulated warnings regarding Hacker Com’s refined operations, which comprise selling technical support and engaging in violent retribution actions like “swatting.”

Conclusion

Scattered Spider’s progress in ransomware and social engineering strategies underscores the shifting cyber threat environment. Their ties to the Com network and advanced methods present substantial threats to organizations globally.

Q: What is DragonForce ransomware?

A: DragonForce is a variant of ransomware utilized by Scattered Spider for extortion following data breach.

Q: How does Scattered Spider execute social engineering?

A: They impersonate staff members to deceive IT helpdesks into changing passwords and transferring MFA tokens.

Q: What tools does Scattered Spider use for remote connectivity?

A: They leverage AnyDesk, Teleport.sh, and the RattyRAT trojan to maintain concealed access.

Q: Why is the Snowflake data cloud a target?

A: Snowflake enables Scattered Spider to perform large data queries quickly for exfiltration purposes.

Q: What constitutes the Com network?

A: It is an online criminal syndicate affiliated with Scattered Spider, recruiting via platforms such as Roblox and Discord.

Q: What measures has the FBI taken?

A: The FBI has issued warnings about Hacker Com’s advanced criminal enterprises, including ransomware-as-a-service.

Brief Overview

• Bunnings is utilizing AI to gain insights into and develop its workforce of 55,000 staff members.
• Investment in Workday technology has increased significantly, providing new AI tools like the Skills Cloud.
• AI is intended to establish clearer career paths and enhance employee retention.
• Additional resources such as Talent Optimization and HiredScore aid in strategic recruitment.
• AI chatbots have been introduced for operational inquiries, transitioning Bunnings’ culture towards self-service.

AI-Driven Workforce Development at Bunnings

Bunnings is adopting artificial intelligence (AI) to transform the management and understanding of its large workforce of 55,000 employees. This initiative aims to promote career growth and retain skilled individuals by providing clearer career paths within the organization.

Committing to Technological Progress

At a recent Workday Elevate summit, Jeff Rodway, Bunnings’ Head of Remuneration, People Systems, and Services, emphasized the company’s dedication to a “significant technology evolution” in its people and culture operations. This includes a major boost in investment in Workday, effectively doubling the array of AI tools available.

Central to this movement is the Workday Skills Cloud, driven by AI technology dubbed ‘Illuminate’. While still in its developmental phase, it has already produced promising outcomes in pilot initiatives.

Improving Employee Engagement

Bunnings is leveraging methods like Talent Optimization and HiredScore to ensure current employees are aligned with available positions and to cultivate talent pools for upcoming opportunities. This strategy is anticipated to greatly lessen the time and expenses linked to external recruitment.

Future objectives include incorporating advanced analytical tools such as People Analytics and Prism Analytics to provide deeper insights into the workforce, facilitating data-informed decision-making.

The Rollout of AI Chatbots

Beyond backend solutions, Bunnings is deploying AI chatbots to support employees with operational inquiries. This initiative represents a cultural shift towards self-service, empowering employees to seek information autonomously instead of depending on conventional interpersonal interactions.

Rodway acknowledges that while this transition is considerable, the ultimate aim is to boost operational efficiency and productivity via AI. The emphasis continues to be on fostering a more inclusive atmosphere and making informed management choices.

Conclusion

Bunnings is leading the way in incorporating AI technology into its operations, focusing on enhancing employee development and retention. Through strategic investments in platforms like Workday, Bunnings is improving its recruitment processes while cultivating a culture of innovation and self-service.

Q: What is the primary aim of Bunnings’ AI initiative?

A: The main goal is to better understand and develop the workforce, establishing career pathways and enhancing employee retention.

Q: How is Bunnings employing AI to improve its recruitment process?

A: Bunnings is utilizing resources like Talent Optimization and HiredScore to align current employees with available roles, decreasing the reliance on external hiring.

Q: What impact are AI chatbots having at Bunnings?

A: AI chatbots are transitioning the organizational culture towards self-service, enabling employees to address operational questions independently.

Q: What impact will AI have on Bunnings’ management strategies?

A: AI will facilitate more data-driven and inclusive management strategies, aimed at minimizing hiring times and enhancing operational efficiency.