UK businesses hit by cyberattacks, halting car production & grocery supply

Jaguar Land Rover is the third big British brand to have its operations severely affected by a breach this year. For more than a month, Jaguar Land Rover hasn’t built a single car.   The production halt has probably cost the company millions of pounds a day. Jaguar Land Rover has not confirmed the nature of the attack, though cybersecurity experts say it was most likely an extortion-based attack, in which hackers steal data or block systems until a ransom is paid. 

 Cyberattacks seem inevitable lately, and large-scale theft of customer data has begun to feel almost routine. Attacks that upend company operations are exposing troubling vulnerabilities. 

 

Three of the country’s biggest brands — the retailer Marks & Spencer, the supermarket chain Co-op, and Jaguar Land Rover — were all severely disrupted by cyberattacks this year, bringing pain to the lives of customers, workers, suppliers and government officials.  When the company halted production, it also stopped payments to suppliers, some of which have since begun cutting staff hours or laying off workers.  Those businesses were already contending with a shrinking auto industry in Britain and higher tariffs for vehicles sent to the United States, one of Jaguar Land Rover’s most important markets. After the attack, the government provided the automaker with a guarantee on a $1.5 billion loan that it could use to support its suppliers. 

In the spring, Marks & Spencer stopped online orders for nearly two months, food deliveries to stores were interrupted and staff resorted to manual processes.  The retailer said the attack would cost it about £300 million ($400 million) this year, though insurance would cover some it. Around the same time, an attack on Co-op led to a widespread shortage of goods, and the contact details of its 6.5 million members were stolen.  The episode led to over £200 million in lost revenue, the firm said last week. For some customers, the disruption was critical.  The grocery store chain is the main food source for some islands in Scotland. “They were running out of food,” said Jude McCorry, the chief executive of the Cyber and Fraud Center in Scotland. “The shelves were empty.” 

In Britain, legislation requires businesses to protect customer data, but that does not go far enough, McCorry said.  Businesses need to know if they can keep up their core purpose in the event of an attack. Experts say it is more common for cyberattacks on British companies and public agencies to come from Russia or neighbouring countries. “Scattered Spider is

unusual in that it’s homegrown,” said Jen Ellis, a government adviser on cybersecurity, but she added that the group’s connection to the attacks was unconfirmed. 

Experts and government officials warn that businesses must improve their defenses and response plans. They are even raising the alarm that such attacks could become a form of cyberwarfare. The attacks show a “big strategic vulnerability,” said Martin, the former British intelligence official. Criminals can halt operations for money, but coordinated attacks from state actors could cause social and economic disruption, he added. In such attacks, hackers may not “be looking for money,”  “So you wouldn’t be able to buy your way out.”