Marks & Spencer’s ransomware nightmare

During Easter, retail giant Marks and Spencer (M&S) discovered that it had suffered a highly damaging ransomware attack that left some stores with empty shelves, shut down online ordering, left some employees unable to clock in and out, and forced some major suppliers to fall back on pen and paper.
In an abuse-filled email to M&S CEO Stuart Machin, the DragonForce hacker group claimed responsibility for the attack.
According to a BBC News report, part of the message read:
“We have come all the way from China to the UK, ruthlessly raped your company and encrypted all servers”
To contain the attack, M&S shut down the VPN that staff use to work remotely. While this and other actions helped stop the attack from spreading, they also further disrupted the company’s operations.
There is no doubt that the ransomware attack has had a big impact on M&S’s bottom line: lost sales amount to about £40 million per week.
And the attack is not only bad news for the retail giant and its suppliers. Last month, the company revealed for the first time that customer data was stolen by hackers, including phone numbers, home addresses and dates of birth.
M&S blamed the cyber attack on “human error” and pointed in the direction of employees of Tata Consultancy Services (TCS), which provided IT services to the retail giant.
Some reports cite claims from insiders at M&S headquarters that the company did not have proper plans in place to handle a ransomware incident, although the company has formally objected, saying it does have a strong business continuity plan.
Whatever the facts, it is clear that more and more companies need to develop a comprehensive, tested plan for how to remediate ransomware attacks and other types of cybersecurity vulnerabilities.
They would also be wise to carefully evaluate whether they are currently doing enough to defend their systems from constant attacks by hackers, whether those attacks arrive directly or through a third-party vendor.