Cyber attacks should act as “wake-up call” to businesses
Two of the UK’s major retailers are continuing to deal with the fall-out from cyber attacks which have caused crippling damage to their businesses.
Following the cyber attack on Marks & Spencer over Easter weekend, Co-op fell foul of attackers in the days afterwards and continues to experience significant disruption.
With Click & Collect services and online orders suspended, gaps soon started appearing on shelves in some M&S stores, while it was reported that it could take weeks before operations begin to return to normal.
The attack on the Co-op saw the security of its 20 million members’ personal data compromised, after ransomware group Dragonforce reportedly told the BBC it had a sample of 10,000 customers’ data, including their membership card numbers, names, home addresses, emails and phone numbers.
As of 5th May, the Co-op said it was continuing to experience “sustained malicious attempts by hackers” to access its systems, adding it was a “complex and ongoing situation” that it is investigating in conjunction with the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA).
In the wake of the incidents, the NCSC issued essential guidance for retailers and businesses, stressing the importance of resilience and best practice to minimise the chances of falling victim to these attacks.

“Criminal activity online – including, but not limited to, ransomware and data extortion – is rampant,” said the NCSC. “Attacks like this are becoming more and more common, and all organisations, of all sizes, need to be prepared.”
Encouraging organisations to ensure two-step verification is deployed comprehensively, the NCSC also advises paying specific attention to Domain Admin, Enterprise Admin and Cloud Admin accounts, and checking whether access is legitimate.
In a statement, the CEO of the Co-operative Group, Shirine Khoury-Haq, thanked its member-owners for their continued support and sought to alleviate their concerns.
“The criminals that are perpetuating these attacks are highly sophisticated and our colleagues are working tirelessly to do three things,” she said.
“One to protect and defend our Co-op; two to fully understand the extent of the impact caused by the attack; and three to provide much-needed information to the authorities that may help them with their investigations.”
Acknowledging that the cyber criminals were able to access a “limited amount of member data”, Shirine Khoury-Haq added it was “obviously extremely distressing for our colleagues and members” and said she was “very sorry this happened”.
“We recognise the importance of data protection and take our obligations to you and our regulators seriously, particularly as a member-owned organisation.
“I appreciate you will want to know more, and I hope you will understand in order to protect our Co-op, we are limited as to the detail we can communicate at this time. I thank you for your patience and I will be back in touch as soon as possible.”

Meanwhile, customers have been reporting that some stores were telling shoppers they were “cash only” as card machines were offline, while others took to social media to highlight empty shelves in their local stores.
Co-op replied to some of these comments online, apologising for stock issues and thanking customers for their support.
“Your store may be experiencing some product availability issues, please bear with us while we work hard on fixing some technical problems we are experiencing,” they said.
“We are continuing to serve our members and customers to the best of our ability and we are sorry if this means you might not be able to buy some of your usual products from us,” they added.
In a statement, NCSC CEO Dr Richard Horne said the disruption caused by the recent incidents impacting the retail sector was “naturally a cause for concern” to those businesses as well as consumers and the general public.
“The NCSC continues to work closely with organisations that have reported incidents to us to fully understand the nature of these attacks and to provide expert advice to the wider sector based on the threat picture,” said Dr Horne.
“These incidents should act as a wake-up call to all organisations. I urge leaders to follow the advice on the NCSC website to ensure they have appropriate measures in place to help prevent attacks and respond and recover effectively.”

