UK retailers Marks & Spencer and Co-op face potential cyber threats

Retailers occupy a distinct position, encompassing massive customer databases, complex supply networks, and generally understaffed cybersecurity units.

In recent UK news, Marks and Spencer and Co-op have found themselves amid an intensifying cybersecurity debacle. From M&S suspending online orders to Co-op locking down parts of its systems, it's clear that cyber threats have transformed from a tech-focused issue to a full-blown business continuity crisis.

"Cyber resilience is crucial to overall business resilience," states Jon Abbott, CEO of ThreatAware, a cyber security firm. "And in an industry built on customer trust and reputation, the cost of downtime extends beyond lost revenue—it's long-term brand deterioration."

After detecting a potential breach, Co-op opted for proactive defense measures, but internal emails hint at a mounting level of concern. Employees were instructed to keep cameras on during calls, refrain from transcribing meetings, and report suspicious messages—indications that hackers might already have infiltrated their systems.

These events follow M&S's ransomware attack, believed to be orchestrated by Scattered Spider, a splinter group of Lapsus$, a well-known hacking group responsible for notable breaches at Transport for London (TfL) and MGM Resorts. The Metropolitan Police and National Cyber Security Centre are currently investigating these incidents.

A Broader Picture

While these attacks may seem isolated, experts fear they're indicative of a rapidly deteriorating risk landscape.

Delinea's Spencer Young cautions, "The disruption caused by the attack on M&S, and now Co-Op, is significant." Hackers are exploiting weaknesses in unchecked cyber risks and lax monitoring of access, especially in remote work settings.

According to a report from SonicWall, over 600 new malware variants are created daily, and ransomware attacks cost companies an average of $4.91 million—far more than the actual ransom demand.

"Ransomware acts as a hostage taker," explains Spencer Starkey, SonicWall's senior manager. "For retailers who serve customers daily, even minor downtime poses a severe threat."

Retail's Exposed Position

Retailers occupy a unique intersection thanks to their expansive customer data, sprawling supply chains, and often underfunded cybersecurity teams. This makes them an attractive target for criminal gangs, according to Jason Gerrard of Commvault.

"Criminals go for the big fish," Gerrard explains. "By disrupting a single point in a supply chain, they gain maximum leverage." They capitalize on potential reputational damage and regulatory pressure, which may motivate companies to pay larger ransoms.

Another concern is the response timeline; most companies take over three weeks to recover from a cyber attack, while some may take over 200 days. The delay usually stems from firms defining restoration needs only after a crisis has already occurred.

The Importance of the Human Element

Beyond technical vulnerabilities, there is growing consensus that a strong culture can be as effective as robust security measures.

"Empathy is as powerful as a firewall during crises," says Vivek Dodd, CEO of Skillcast, a compliance training firm. "Acknowledging the issue and prioritizing people can turn customers from doubters to ambassadors."

Retailers are urged to prioritize cybersecurity at the business and board levels. This includes investing in identity security, scenario planning, and cyber drills, as well as educating employees on identifying phishing attempts and other cyber threats.

Yet, retail giants face more points of vulnerability than ever before due to AI-assisted automation of malware and phishing techniques.

Lessons in Resilience

Despite these challenges, both Co-op and M&S demonstrated mature incident response planning. "Now is the time to shift from reactive patching to proactive resilience engineering," says Scott Dawson, CEO of DECTA payments. "We need to bake security into every layer of our IT stack—not just slap it on as an afterthought."

As M&S and Co-op continue to rebuild, other retailers are reevaluating their resilience plans. Hopefully, this moment will trigger more investment in smart infrastructure and a cultural shift towards cyber readiness.

"Cyber security is no longer just the tech team's concern," says Abbott. "It's a board-level issue. It's a brand-level issue. And it's a survival-level issue."

  1. The cost of a cybersecurity breach expands beyond lost revenue, as it can lead to long-term brand deterioration, as stated by Jon Abbott, CEO of ThreatAware.
  2. In light of the recent attacks on M&S and Co-op, Spencer Young from Delinea warns that hackers are exploiting weaknesses in unchecked cyber risks and lax monitoring of access, especially in remote work settings.
  3. According to SonicWall's report, over 600 new malware variants are created daily, and ransomware attacks cost companies an average of $4.91 million, far more than the actual ransom demand.
  4. Jason Gerrard of Commvault suggests that retailers, with their expansive customer data, sprawling supply chains, and often underfunded cybersecurity teams, are attractive targets for criminal gangs.
  5. Scott Dawson, CEO of DECTA payments, emphasized the importance of shifting from reactive patching to proactive resilience engineering, suggesting that security should be integrated into every layer of IT infrastructure, not just added as an afterthought.