UK National Charged in Cyber Attacks on U.S. Critical Infrastructure

The U.S. Department of Justice has charged Thalha Jubair, a 19-year-old from London, in connection with more than 120 cyberattacks worldwide. Jubair, also known as EarthtoStar, Brad, Austin, and @autistic, is accused of working with the cybercriminal group Scattered Spider. The group is linked to massive ransom schemes that cost victims more than $115 million.

Who Is Scattered Spider?

Scattered Spider, also known as Octo Tempest, UNC3944, and 0ktapus, is one of the most aggressive cyber gangs operating today. The group employs social engineering tactics to deceive employees, gain unauthorized access to networks, and compromise systems. Once inside, they steal and encrypt data, then demand large ransom payments to restore access and keep information from being leaked.

Their targets include critical infrastructure, U.S. companies, and even the federal court system. According to investigators, Jubair and his associates carried out attacks from May 2022 through September 2025.

The Scale of the Damage

The Department of Justice revealed that at least 47 U.S.-based victims were affected, including organizations in New Jersey. Some victims paid millions to recover stolen data. During one investigation, authorities seized cryptocurrency wallets tied to Jubair, recovering about $36 million. Still, the group had already moved over $8 million to other hidden accounts.

If convicted, Jubair faces up to 95 years in prison for computer fraud, wire fraud, and money laundering conspiracies.

What This Means for Businesses

The case shows how ransomware and cyber extortion remain major threats to American companies. It also proves that attackers are getting younger, smarter, and harder to catch. Criminals are not only going after big corporations. They also look for weak points in supply chains, small businesses, and local infrastructure.

The FBI stressed that no cybercriminal is out of reach. With help from partners in the UK, Netherlands, Romania, Canada, and Australia, law enforcement is showing that global cooperation works. Still, prevention is better than recovery.

How OSRS Can Help

At ÒGÚN Security Research and Strategic Consulting (OSRS), we help businesses prepare for these kinds of threats. Our team provides:

• Cyber Risk Assessments to identify weak points in your network.

• Incident Response Planning so you know what to do if ransomware strikes.

• Employee Training to stop social engineering attacks before they succeed.

• Compliance Guidance to align with global standards and regulations.

We also support organizations with digital forensics and investigations to track down cyber intrusions and strengthen future defenses.

Final Thoughts

The arrest of Thalha Jubair is a win for global cybersecurity. But it also reminds us that cybercrime does not stop. Businesses must act now to protect their systems, data, and people. With the right strategy and partners, you can defend against these threats.

About the Author

Dr. Sunday Oludare Ogunlana is a cybersecurity scholar-practitioner and the founder of ÒGÚN Security Research and Strategic Consulting (OSRS). He leads efforts in AI governance, digital forensics, and cyber risk management to help organizations stay secure in a changing threat landscape.