A string of high-profile cyber attacks on major retailers, including Harrods and Marks & Spencer, highlights the growing vulnerability of the sector to sophisticated hacking. As companies struggle to keep up with evolving threats, experts are sounding the alarm about the need for increased vigilance and transparency.
The luxury department store Harrods has become the latest retailer to fall victim to a cyber attack, with the company restricting internet access at its sites in an attempt to keep systems safe. The incident comes just days after the Co-op shut down parts of its IT systems to fend off a hack, while Marks & Spencer continues to deal with a cyber attack that has cost it millions of pounds in lost sales.
The spate of attacks on Harrods, the Co-op, and M&S serves as a ‘wake-up call’ for retailers, according to Richard Horne, chief executive of the National Cyber Security Centre (NCSC). The NCSC is working closely with the affected companies to fully understand the nature of the attacks and provide expert advice to the wider sector.
Retailers are increasingly vulnerable to cyber threats due to the volume of customer data they handle, warned Cody Barrow, former cyber chief at America’s National Security Agency. ‘For consumers, vigilance is crucial: update passwords, monitor financial activity, and watch for scams exploiting recent breaches,’ he added.
Retailers face a significant threat from cyber attacks, with data breaches and online fraud costing billions of dollars annually.
According to the Identity Theft Resource Center, the number of data breaches in the retail industry increased by 22% in 2020.
Common types of cyber threats include phishing scams, malware infections, and unauthorized access to customer data.
To mitigate these risks, retailers must invest in robust cybersecurity measures, including encryption, firewalls, and employee training.

Marks & Spencer has seen its operations severely hampered by a cyber attack, with customers unable to place online orders and shelves left empty in some stores. The police are investigating. Meanwhile, the Co-op has taken steps to prevent further attacks, including ordering staff to keep their cameras on during remote work meetings and verifying all attendees.
The disruption at M&S was a ransomware attack, believed to have been carried out by a group known as ‘DragonForce’. ‘The incident highlights the growing difficulty large organisations have in securing against threats in their supply chain, particularly as those threats grow in volume and sophistication.’ According to Toby Lewis, Head of Threat Analysis at cybersecurity firm Darktrace, it is possible that all three retailers share a common supplier or technology that has been compromised and used as an entry point for hackers.
The DragonForce ransomware attack is a type of cyberattack that encrypts a victim's files and demands payment in exchange for the decryption key.
It was first identified in 2017 and has since been used in various attacks worldwide.
The malware spreads through phishing emails, exploiting vulnerabilities, or using stolen credentials.
Once activated, it scans the system for files to encrypt, often targeting sensitive data such as financial records and personal documents.
According to a report by Cybersecurity Ventures, ransomware attacks cost businesses over $20 billion annually.
The chair of Parliament’s Business and Trade Committee, Liam Byrne, has written to Marks and Spencer’s chief executive, Stuart Machin, requesting further information about M&S’s cybersecurity defences. This incident highlights the importance of transparency in the face of cyber attacks, as companies must be open with their customers and stakeholders about what happened and how they plan to prevent similar incidents in the future.