The iconic Knightsbridge department store, Harrods, and British retail giant Marks & Spencer (M&, S) are the latest victims of cyberattacks in the UK.
One of the most well-known high-street stores in the United Kingdom, M&, S, is still accepting online orders, which has already resulted in millions of pounds in lost revenue as a result of the attack.
What we know about the incident, its effects, and where things are right now are as follows.
What transpired during the Marks and Spencer and Harrods cyberattacks?
- April 21: Marks &, Spencer customers report issues with making contactless payments and ordering click-and-collect services (both online and in-store). The business later confirms that a “cyber incident” is brewing.
- April 25: M&, S halts all online orders and removes all of its offline job postings. Store signs start flashing warning about limited food options. At M&, S food stores, gift cards and returns are not accepted.
- April 28: Some M&, S locations report no longer carrying popular goods like Percy Pigs candy and empty shelves in some stores. The Castle Donington warehouse in the UK’s East Midlands has instructions for around 200 agency workers to remain at home. Stores continue to experience shortages.
- April 29 through May 2: Job applications are still pending and M&, S’s website is still inaccessible. No further public updates have been made from the retailer. Physical stores are still open, but some product lines aren’t.
- The United Kingdom’s Metropolitan Police confirms its investigation into the attack on April 30.
- May 1: Harrods, a luxury department store in London, confirms a cyberattack but promises that business will continue as usual. The company has not disclosed the extent of the breach or the leakage of customer data.
M&, S is back online, though.
The online services offered by M&, S have not fully reopened. Customers can browse online, but they can’t finish making purchases. Gift cards are still being accepted in stores, which also causes some issues.
A recovery timeline has not been established by the company.
What led to the attack on these retailers?
Experts believe the company’s system shutdown suggests a likely ransomware incident, despite M&, S’s not confirming the type of cyberattack it experienced.
A type of malicious software that blocks access to files or systems until a ransom has been paid, which is typically in the form of cryptocurrency. Operationen can be stopped and crucial data can be held hostage by this type of software.
Harrods has not disclosed the details of its cyberattack, but experts think there may be something going wrong with it.
The cyberattacks are being investigated by both the Metropolitan Police and the National Cyber Security Center (NCSC). The NCSC has advised consumers to check bank activity and update passwords, as well as urges all retailers to strengthen their cybersecurity.
The most recent cyberattack was carried out by who?
Cybersecurity experts believe that the Scattered Spider, also known as Octo Tempest, is responsible for the attack on M&, S.
This loose network of mostly young, mostly English-speaking hackers exploit phishing techniques to break into company systems (messages where criminals deceive recipients into handing over sensitive information like login details), SIM swapping (taking control of someone’s phone number), and multi-factor Authentication fatigue (sending repeatedly authorized login requests until someone unintentionally approves one).
Scattered Spider is alleged to have used DragonForce, a ransomware, to access M&, S systems.
According to cybersecurity firm Akamai, phishing emails are one of the most frequent ways ransomware infiltrates a system. The goal of exploiting either a human error or a technical vulnerability is what is a common practice across all methods, according to its website.  ,
Important files are encrypted and spread through the malware, locking them so that the company can’t access or use them. The hackers then demand a key to unlock the data in exchange for a ransom.
Scattered Spider is an unusual hacking organization, according to Tim Mitchell, a senior security researcher at Secureworks, because most cybercriminal networks operate out of countries like Russia, where looser enforcement creates a more “permissive environment” for cybercrime.
Russia is ranked second in the world in terms of the highest cybercrime threat by the World Cybercrime Index, followed by Ukraine, China, the United States, Nigeria, and Romania.
How much have the businesses lost as a result of this attack?
More than 700 million pounds ($930 million) have been lost to Marks &, Spencer’s market value since the attack, with its share price falling by 6.5 percent, including a 2.2% drop on the day of the first disruptions, just by the 2.2% drop.
About 3.8 million pounds ($5.05 million) in daily revenue is generated by online shopping, which accounts for about one-third of M&, S’s clothing and home sales. This is a stream that has been halted as a result of the ongoing shutdown.
Nearly 200 job postings have also been removed from the company’s website.
Harrods, in contrast, has not yet disclosed any financial losses. It is a privately held company that does not typically release financial information to the public and does not have a stock price.
What has M&, S and Harrods said?
M&, S initially responded to the cyberattack by first letting users know about the breach and halting the affected services. Only two official statements were made since April 25, with the last one being released on April 25. However, communication has since stalled.
The retailer confirmed that it “as a precaution” by shutting down the store’s stock and logistics.
Harrods, in contrast, has not yet disclosed any financial losses. Harrods is “working closely with leading cybersecurity experts and law enforcement to investigate the incident and ensure the integrity of our systems,” according to a spokesperson.
Have there recently been any other cyberattacks of this nature?
Yes . The latest UK retailers to be affected by cyberattacks are M&, S, and Harrods.
Co-op, a British consumer cooperative that runs restaurants, funeral homes, and other businesses, also experienced an attempted breach the same week. Back-office and call center functions were impacted by the IT system shut down. Stores remained open throughout.
In June of this year, a ransomware attack targeted Synnovis, a partner of the UK’s National Health Service, which delayed more than 11, 000 medical appointments while keeping the patient data it relied on private. According to the UK government’s policy against paying cybercriminals, Qilin, the Russian-linked cybercriminal group demanded $50 million to restore access, but Synnovis refused to pay. The group responded by posting the stolen information online, including names, birthdates, NHS information, and information on blood test results.
Source: Aljazeera
Leave a Reply