Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Two teenagers suspected to be members of the infamous Scattered Spider ransomware movement have been arrested in the UK for their alleged participation in a cyber attack on London’s transport network.
Thalha Jubair, 19, and Owen Flowers, 18, were arrested earlier this week in their homes jointly by London Police and the UK National Crime Agency (NCA) for their alleged participation in a hack of Transport for London (TFL).
Transport for London disclosed on 2 September 2024 that it had suffered a cyber attack, which it later revealed led to limited system access and commuter data being exposed.
That same month, the NCA arrested Flowers, who was 17 at the time, for alleged breaches of the Computer Misuse Act.
The 2024 arrest led to the discovery that Flowers was also involved in cyber attacks against US healthcare companies, according to the NCA. Flowers has also been charged with “conspiring with others to infiltrate and damage” the networks of two healthcare organisations, SSM Health in Missouri and Sutter Health in California.
Jubair, who was arrested by the NCA for the first time this week, was also identified as having been involved in previous cyber attacks targeting US organisations, according to a Justice Department unsealed criminal complaint.
The complaint charged Jubair for participation in cyber criminal activity that impacted at least 47 US victims, including “a US-based critical infrastructure company and the US courts”. Ransom payments for these totalled US$115 million.
Now, Jubair and Flowers face charges under the same act of “conspiring together to commit unauthorised acts” against Transport for London.
CrowdStrike’s head of counter adversary operations, Adam Meyers, celebrated the arrests, suggesting that the two individuals were members of the Scattered Spider hacking collective.
“The arrests of Scattered Spider members in the UK represent a significant blow to one of the most disruptive e-crime groups operating today,” said Meyers.
“Since emerging in 2022, Scattered Spider has conducted increasingly aggressive ransomware and extortion campaigns across a number of verticals. This coordinated law enforcement action will likely degrade Scattered Spider’s operations in the near term.
“More importantly, it sends a message: cyber criminals who aggressively extort and disrupt are not beyond reach. But this isn’t just about arrests – it demonstrates the impact of strong public-private collaboration – when law enforcement and industry share intelligence and act decisively, we can disrupt operations that are inflicting real damage on global businesses.”
Be the first to hear the latest developments in the cyber industry.
