Marks & Spencer, Harrods and Co-op have all been targeted recently, possibly by the same ransomware gang. Here’s some commentary FYI;
Si West, Director of Customer Engagement at Resilience, says this;
The cyberattack on Marks & Spencer, reportedly carried out by the group known as Scattered Spider, underscores a growing trend in cybercriminal activity: sophisticated, socially engineered intrusions targeting even the most well-established brands. What makes this incident particularly concerning is the group’s use of advanced tactics like SIM swapping and MFA bypass—techniques once considered niche but now increasingly mainstream among cyber threat actors.
From a risk management standpoint, this attack is a stark reminder that technical defences alone are insufficient. Organisations must embed cybersecurity resilience into their broader enterprise risk frameworks. This includes regularly testing incident response plans, running employee phishing simulations, and reassessing third-party risk exposure. Resilience must go beyond IT and involve the entire leadership team.
The role of cyber insurance also comes into sharp focus here. While no policy can undo the operational and reputational damage caused by such an incident, a robust cyber insurance policy can significantly reduce the risk of material financial losses. A good policy should cover business interruption losses, forensic investigation and legal costs. At Resilience, we partner with our insureds on an ongoing, proactive basis to reduce the likelihood of an incident of this scale happening. That being said, this does not mean a business would be immune to these types of attacks. It means they will be more likely to withstand them better, respond effectively, and recover whilst minimising losses.
Commenting on cyber attacks hitting UK retailers, Ian Birdsey, Partner at international law firm, Clyde & Co said:
“The recent wave of cyber attacks on retailers reveals not only the potential vulnerability of even large corporations, but also the growing sophistication of cyber criminals. Although some of these attacks have been successfully defended by retailers, they can still cause significant operational disruption to the retailer and its customers. The volume and richness of customer data stored by retailers with online operations is often what makes them such viable targets, susceptible to blackmail and ransom where those criminal attacks succeed.
In an increasingly digitised world, businesses are almost completely dependent on internet-enabled systems, from lighting and air conditioning to security surveillance and self-checkouts, plus exposures from third party supply chains, which makes those with physical store fronts just as vulnerable to infiltration by malicious actors looking to disrupt operations. Robust cyber security measures and contingency plans for when disaster strikes, whether it be caused by criminals or because of an accidental system failure, are crucial to maintaining business as usual and protecting against financial losses.”
20 years experience as a journalist and magazine editor. I'm your contact for press releases, events, news and commercial opportunities at Insurance-Edge.Net
Cofense™, the global leader in intelligent phishing defense solutions, announced its strategic relationship with CNA, one of the largest commercial property and casualty insurance companies in the United States. Cofense will provide security awareness training as […]
2021 looks set to be a tough year financially for a great number of people, which could lead to more cyber crime. Insurers and brokers need to be aware of the threats and it’s worth […]
The COVID-19 outbreak is forcing millions of employees to work from home. This means countless organisations are faced with a unique challenge: how to keep as many business-critical functions running as possible whilst maintaining adequate […]
Be the first to comment