The FBI has struggled to stop a hyper-aggressive cybercrime gang that's been tormenting corporate America over the last two years, according to nine cybersecurity responders, digital crime experts and victims, Reuters reports. For more than six months, the FBI has known the identities of at least a dozen members tied to the hacking group responsible for the devastating September break-ins at casino operators MGM Resorts International and Caesars Entertainment, say four people familiar with the investigation. Industry executives have said they were baffled by an apparent lack of arrests. "I would love for somebody to explain it to me," said Michael Sentonas, president of CrowdStrike, one of the firms leading the response effort to the hacks. "For such a small group, they are absolutely causing havoc..".
Sentonas said the hackers were "known," adding, "I think there is a failure here." Asked who was responsible for the failure, Sentonas said, "law enforcement." Dubbed by some security professionals as "Scattered Spider," the hacking group has been active since 2021 but it grabbed headlines after a series of intrusions at several high profile companies. The MGM breach disrupted operations at its casinos and hotels for days and cost the company roughly $100 million in damages. Caesars paid around $15 million in ransom to regain access to its systems from the hackers, reported the Wall Street Journal. CrowdStrike, Alphabet's Mandiant, Palo Alto Networks, and Microsoft are among the main cybersecurity firms responding to private company breaches by the hackers. Some have been collecting evidence leading to the hackers' identities and are assisting law enforcement. After the September casino hacks, the FBI's investigation took on new urgency. FBI officials first began looking at the hackers' operations more than a year ago.