Wednesday, July 9, 2025

UK firms should have to disclose major cyberattacks, M&S says

The chairman of retailer Marks & Spencer (MKS.L) said on Tuesday that two recent significant attacks on big UK companies had gone unreported and that British companies should be legally obliged to notify the authorities of substantial cyberattacks.

Archie Norman was giving evidence to parliament's Business and Trade Committee, where lawmakers discussed the April cyberattack that forced M&S to halt online sales for almost seven weeks. He said the group had discovered that “quite a large number” of significant cyberattacks are never reported to the National Cyber Security Centre (NCSC).

“In fact we have reason to believe there’ve been two major cyberattacks on large British companies in the last four months which have gone unreported,” he said.

According to Norman, this indicated “a big deficit” in cybersecurity expertise.

“So I don’t think it would be regulatory overkill to say if you have a material attack … for companies of a certain size you are required within a time limit to report those to the NCSC.”

Norman stated that the matter was “fully shared” with the National Crime Agency and other law enforcement agencies, but he declined to confirm if M&S had paid any ransom.

“Loosely aligned parties” collaborated on the M&S cyberattack, he claimed.

“We believe in this case there was the instigator of the attack and then, believed to be DragonForce, who were a ransomware operation based, we believe, in Asia.”

The assault has previously been attributed in the media to a hacker gang called Scattered Spider, which uses DragonForce malware.

“When this happens you don’t know who the attacker is, and in fact they never send you a letter signed Scattered Spider, that doesn’t happen,” said Norman.

He said the threat actor first gained access to M&S’s networks on April 17 through a “social engineering” operation, and that the company was not contacted for around a week.

M&S stated in May that the assault would result in lost operational profit of around $300 million ($409 million).

Although M&S’s claim might take 18 months to process, Norman said the company was lucky to have quadrupled its cyberattack insurance coverage last year.

Following a 46-day hiatus, M&S began accepting online orders for apparel lines on June 10; however, click and collect services have not yet been restored.

Stuart Machin, the CEO of M&S, assured investors last week that the company would recover from the attack’s worst effects by August.

M&S General Counsel Nick Folland told the MPs that ensuring that firms can function using pen and paper is a key lesson learned from the crisis.

“That’s what you need to be able to do for a period of time whilst all of your systems are down,” he said.
