‘Scattered Spider’ and the rise in global Cybercrime banner

Insights

Home / Insights / News / ‘Scattered Spider’ and the rise in global Cybercrime

‘Scattered Spider’ and the rise in global Cybercrime

  • Posted on

Recent computer hackings of big retailers Marks & Spencer, the Co-op and Harrods – and the ensuing commercial fall-out – have thrown the normally covert world of cybercrime under the spotlight.

The National Crime Agency (NCA) is currently investigating a native English-speaking group of cybercriminals known as Scattered Spider which have become the main suspects in the case.

“We know that Scattered Spider are largely English-speaking but that doesn’t necessarily mean that they’re in the UK,” Paul Foster, the head of the NCA’s national cybercrime unit, told the BBC.

“We know that they communicate online among themselves in a range of different platforms and channels, which is, I guess, key to their ability to then be able to operate as a collective.”

This may have been the one of the biggest corporate attacks in recent years, but hacking is only one of a wide range of illegal activities which come under the umbrella of cybercrime, such as identity theft, phishing and ransomware.

There are others too, including cyber bullying (gaming abuse, abusive texts, emails, social media forums), bank fraud, romance scams, online grooming, child pornography, revenge porn, social media fraud and abuse.

Because of the international nature of cyber and internet crime, some cases may involve cross-border issues and also extradition.

Cyber criminals are adept at covering their tracks and in the complexities of today’s technological world, individuals and companies can find themselves being accused of cybercrime activities – sometimes even being unaware they’ve committed them.

The Computer Misuse Act 1990

In terms of the legal position, investigating authorities (such as the NCA) can utilise a number of legislative frameworks to conduct investigations and launch prosecutions.

The Computer Misuse Act 1990 creates a criminal liability for a number of cybercrime offences. The Act does not include a fixed definition of a computer, as technological developments occur so rapidly that any statutory definition would likely become outdated quickly.

As a result, it is left to the courts to interpret what constitutes a computer, relying on the contemporary understanding of the term. In the case of DPP v McKeown; DPP v Jones ([1997] 2 Cr. App. R. 155, HL, at p. 163), Lord Hoffmann described a computer as “a device for storing, processing and retrieving information.”

Offences specified in the Act include unauthorised access to computer material (hacking); unauthorised access with intent to commit or facilitate further offences (cyber attacks and ransomware); unauthorised acts with intent to impair the operation of a computer (malware installation) and alternative offences to consider would be those within the Fraud Act 2006 and the Investigatory Powers Act 2016, amongst others.

Conversely, the new Online Safety Act 2023 will require platforms to take down content that facilitates or encourages cybercrime (e.g. malware tutorials or ransomware distribution links) and give Ofcom power to enforce action against platforms that fail to mitigate risks of illegal online content, which could include facilitating cyber attacks or data breaches, if user content or services enable such activity.

Extradition and Cybercrime

When suspects are located outside the UK, extradition becomes a pertinent issue. The Extradition Act 2003 governs the UK's extradition processes, facilitating cooperation with countries such as the United States under bilateral treaties. Defence practitioners must assess the likelihood of extradition, considering factors such as dual criminality, the human rights implications, and the strength of the evidence presented.

A notable case illustrating these complexities is that of Tyler Buchanan, a 23-year-old from Dundee, Scotland, alleged to be a ringleader of Scattered Spider. Buchanan was arrested in Spain and extradited to California in April 2025, where he faces charges related to a £9 million cryptocurrency scam.

Legal Advice and Cybercrime

Criminal law firms must develop robust defence strategies, which may include challenging the admissibility of digital evidence, scrutinizing the methods used to obtain such evidence, and exploring potential violations of the suspect's rights during the investigation and extradition process.

Additionally, firms should be prepared to advise clients on plea negotiations, potential sentencing outcomes, and the prospects of repatriation to serve sentences in the UK.

If you or your business are facing the possibility of prosecution for a cybercrime then you need to call on the best and most experienced legal team for advice and representation.

Carson Kaye has highly specialised solicitors with extensive knowledge of the laws around cyber crime and we are also able call on the services of highly qualified leading experts in the field.