Identity-Centric Attacks: The New Reality for UK Retail by Caren Havelock

Recent attacks against major UK retailers are linked to the cybercriminal group Scattered Spider and typify a shift to identity-centric intrusions: attackers use phishing, vishing, help-desk deception, SIM swaps and MFA fatigue to steal credentials, abuse identity systems (Active Directory, SSO, Entra ID), escalate privileges, move laterally, and deploy ransomware or exfiltrate data; the report outlines these TTPs and describes how Vectra AI’s Identity Threat Detection and Response capabilities detect and mitigate such post-compromise behaviors across cloud, network, and SaaS environments.