"Moving to E5 has been really good from a security point of view... Now we can get a holistic view of whatโs going on, which helps us to make changes and recommendations for future plans."
Kickstart Your FastTrack Journey
Fill out the short form below to express your interest in our FastTrack programme, and weโll be in touch soon.
โWe needed to find solutions to a variety of issues whilst being a complex business, operating in a 24/7 environment. Stripe OLT listened and understood immediately the challenges we faced.โ
Keep up to date with the experts
Get insights directly to your email inbox
Follow us on social
โWe needed to find solutions to a variety of issues whilst being a complex business, operating in a 24/7 environment. Stripe OLT listened and understood immediately the challenges we faced.โ
Request a Call
First we need a few details.
Scattered Spider – also known as Octo Tempest or Roasted 0ktapus – are a financially motivated cybercrime group active since at least 2022.
They gained notoriety through a string of high-impact breaches in the US, including the MGM Resorts and Caesars Entertainment attacks in 2023.
Despite being loosely affiliated and often young, their operational maturity is notable, regularly combining social engineering with deep knowledge of enterprise systems.
In 2025, major UK retailers, including Marks and Spencer, Co-op, and Harrods, reported significant cyber incidents. While formal attribution is ongoing, many security analysts have pointed to Scattered Spider due to similarities in technique, tooling, and targeting.
Their known focus on retail, gaming, and hospitality – combined with a track record of high-profile extortion – places them among the top suspects.
Scattered Spider are financially driven. They operate with clear ROI in mind, often using extortion, data theft, and ransomware as end goals. Their known targets span:
This wide attack surface reflects a focus on sectors with complex IT environments and high sensitivity to disruption.
Scattered Spider typically employs a blend of social engineering and technical abuse to gain initial access and escalate privileges. Their tactics include:
These techniques are often used in combination, increasing their effectiveness and making early detection more difficult.
The groupโs success stems from a hybrid approach: exploiting both people and systems. They often:
Their agility allows them to bypass many standard security controls, especially where user trust and session persistence are not well managed.
Scattered Spider are experts in Social Engineering and laterally moving in environments. To counter their tactics, organisations should:
Scattered Spider are not an emerging threat โ theyโre an active, evolving one. From casinos to cloud providers to the UK high street, their campaigns show how modern cybercrime groups adapt quickly, scale globally, and exploit the weakest points in the human-technology interface.
Defending against them requires more than awareness – it demands coordination across IT, security, and leadership teams to build a truly resilient security posture.
If youโre concerned about organised threats and want to stay one step ahead of social engineering attacks, our security experts at Stripe OLT are here to help.
Book a free discovery session with us โ we’re here to asses your current security posture and recommend tailored strategies to protect your organisation from evolving threats.
