November 30, 2025
Cyberattacks hit UK retailers hard

The UK retailers Marks & Spencer, Harrods and the Co-Op, which have been hit by a flurry of cyberattacks over the last two weeks, have experienced an immediate loss in consumer and investor confidence.

Marks & Spencer, for example, saw its share price initially drop by over seven per cent, wiping over £650 million (US$865 million) off its market value. M&S is also suffering significant revenue loss after pausing its online orders over a week ago in the wake of the attack. So far, M&S has remained tight-lipped regarding what is acknowledged to be a cyberattack, although there is widespread belief that it was executed by Scattered Spider, also known as UNC3944, a hacking group mostly made up of teens and young adults in the UK and the US. M&S is understood to be working with GCHQ’s National Cyber Security Centre to trace the source of the breach.

Scattered Spider was responsible for the hacking and extortion of Caesars Entertainment and MGM Resorts International and has also targeted Visa, PNC Financial Services Group Inc., Transamerica, New York Life Insurance Co., Synchrony Financial, Trust Bank, and Twilio.

The M&S attack was quickly followed by cyberattacks on two other retailers, Harrods and UK supermarket chain the Co-Op. Although the source of the breaches has yet to be revealed, the fact that three major retailers have been hit in a matter of days has led to industry speculation that all three could be the result of a supply-chain vulnerability at a common supplier.

Supply-chain vulnerabilities

Cybercriminals are becoming increasingly adept at exploiting weaknesses in the supply chains of even the best-defended organizations. Because any chain is only as strong as its weakest link, supply-chain attacks are becoming harder to defend against.

The Co-Op, whose online platforms and stores are still functioning, says it is monitoring the situation closely. It has also told staff to keep their cameras switched on during all remote meetings and to verify the identities of all those participating. This is an indication of another growing vulnerability now facing all organizations, not merely retailers. Deepfake voice and video calls are increasingly easy to produce and have already been used to impersonate key personnel during online meetings.
