The M&S cyber-attack has been linked to the notorious hacking group Scattered Spider. The disruption caused by the hack has wiped over £500m off the stock market value of M&S in the past week, with online sales suspended for a fifth day.
Scattered Spider is thought to have previously hit MGM Resorts and the US casino operator Caesars. The group, which includes people from the UK and the US, has been found to have encrypted key M&S systems using ransomware.
Scale of the Attack
The disruption caused by the hack – and uncertainty over when it will end – has had a significant impact on the company’s operations. Online sales at M&S, which account for an average of £3.8m a day, were suspended for a fifth day.
How the Attack Began
It is reported that the attack may have originated from one of M&S's service suppliers. However, it is unclear if the company was directly targeted. The hackers are believed to have stolen M&S data as early as February, which could have helped them gain access to key systems.
The Motivation Behind the Attack
According to Tim Mitchell, a senior security researcher at Secureworks, the extent of the disruption suggests that the company was subject to a ransomware attack. These attacks encrypt important systems and demand a ransom in return for a key to unlock them.

Mitchell also noted that Scattered Spider appears to be ‘quite unusual’ as a hacking group due to their largely English-speaking nature, unlike most groups, which are based in places with more permissive environments where they have more freedom to operate. He added that their motivation may be as much about bragging rights on social media channels as about money.
Potential Methods Used by the Hackers
Julius Černiauskas, the chief executive of web intelligence experts Oxylabs, stated that following the M&S cyber-attack and the potential involvement of Scattered Spider, all major UK retailers will be seriously worried about whether they will be tangled in the web next. He noted that ransomware gangs typically target companies like M&S with the aim of causing maximum disruption to force a quick payout.
Ransomware gangs are groups of cybercriminals that use ransomware to extort money from victims.
They typically target organizations and individuals, encrypting files and demanding payment in exchange for the decryption key.
According to a report by Cybersecurity Ventures, ransomware attacks resulted in $20 billion in losses in 2021.
Ransomware gangs often operate anonymously, using encrypted communication channels and cryptocurrencies to facilitate transactions.
Law enforcement agencies struggle to track these groups due to their decentralized nature.
Impact on M&S Operations
Shoppers are still able to browse online and shop in M&S's physical stores using cash or cards, but some difficulties continue in stores. Gift cards are not currently being accepted, and returning goods is only possible at tills in clothing and homeware stores or via post. Food stores are not currently able to accept returns.
Conclusion
The M&S cyber-attack has highlighted the significant impact that ransomware attacks can have on companies. As experts warn, all major UK retailers will be seriously worried about being targeted by these groups in the future.
Ransomware is a type of malicious software that encrypts a victim's files or locks their device, demanding a ransom in exchange for the decryption key.
It often spreads through phishing emails, infected software downloads, or exploited vulnerabilities.
According to recent statistics, over 400,000 ransomware attacks occur daily, resulting in significant financial losses and data breaches.
Ransomware attacks can be devastating, especially for small businesses and individuals who may not have the resources to recover from such incidents.
- theguardian.com | M&S cyber attack linked to hacking group Scattered Spider