
How working from home made Britain a sitting duck for cyber attackers
Former M&S boss Lord Stuart Rose has long branded himself an 'unreconstructed get-back-to-work man', claiming the practice of working from home is damaging both the economy and employees' wellbeing.
Now, the 76-year-old businessman may have another reason to oppose remote working – with the arrangement possibly putting one of Britain's best-loved retailers, and his former employer, at the mercy of hackers.
Since Easter weekend, M&S has been reeling from a major cyber attack that has paralysed online orders, disabled contactless payments in-store, and wiped nearly £700 million off its market value.
And M&S is not the only retailer that has been subjected to such an attack. Earlier this week, the Co-op said it was having to fend off hackers and, on Thursday evening, luxury department store Harrods said they had 'recently experienced attempts to gain unauthorised access to some of their systems'. In a statement, the store added: 'Our seasoned IT security team immediately took proactive steps to keep systems safe and as a result we have restricted internet access at our sites.'
Harrods said all its stores remained open and it is unknown if the three attacks are related.
Though M&S bosses have yet to reveal the cause, questions are mounting over whether the hackers were able to penetrate the multibillion-pound firm's cyber defences through one of its remote workers.
It would not be a surprise: for years, security experts and intelligence agencies have warned that hackers are targeting remote workers as the weakest link in a company's digital infrastructure.
Indeed, just last year the retailer – which is understood to allow staff to work two days a week at home – warned in its annual report that WFH was increasing its exposure to cyber attacks.
But why? The answer is simple – computers in most corporate offices have a vast array of tough defences installed to keep bad actors out, from firewalls to secure internet routers, all of which are kept under close watch by the on-site security team.
Yet such protection wanes as soon as staff are out the revolving doors. Suddenly, the onus falls instead on the employee, whether it's keeping their devices updated or being vigilant when using unsecured public WiFi while working in cafes.
A survey by Malwarebytes Lab, carried out around six months after the first Covid lockdown, found one in five businesses had faced a security breach as a result of a remote worker.
Four years later, a poll by Absolute Security in 2024 revealed three out of four bosses still believed staff working from home was their 'biggest weakness' when trying to defend against cyber attacks.
How do the hackers get in?
Experts believe M&S was infected by a ransomware called Dragonforce, a malicious software that locks a user out of their computer or network and scrambles the data – with the criminals demanding a fee to unlock it.
In its rush to contain the attack, M&S bosses quickly moved to lock remote-working staff out of the company's internal IT systems. But could these remote workers have also been the crucial weakness that let the hackers in?
To infect a computer, hackers need to find a chink in digital defences – and staff working from home can often be easy prey. A common target is through a virtual private network (VPN), used by remote employees to securely connect to their office networks.
Such software is only useful if it's kept up-to-date and uses multi-factor authentication, which requires several forms of verification to gain access. In 2021, investigators traced the huge ransomware attack that took down the Colonial Pipeline – which supplies 45 per cent of the fuel on the United States' East Coast – to an old version of a VPN account commonly used by remote employees.
The same year, a hacker gained control of the Oldsmar water treatment plant in Florida, and tried to poison the supply by increasing the chemical content, through a remote access software called TeamViewer. All the plant's computers were using the same password for remote access, and were running on an outdated Windows operating system.
In other words, both were ripe for exploitation. In 2022, an alert by the Five Eyes intelligence alliance warned that the Microsoft software, Remote Desktop Protocol (RDP), that linked 'millions' of Britons to their company networks, was 'one of the top ways' Russian hackers could potentially gain a crucial foothold within critical infrastructure, from the NHS to nuclear power stations.
Yet often, the real weakness is not a system flaw but the people behind the systems – either the security team or the employees themselves. One of the most popular methods of gaining unauthorised access is 'social engineering', which involves tricking humans into compromising their security.
Such tactics were used in the attack on Twitter in July 2020 when a 17-year-old boy was able to gain access to 130 celebrity Twitter accounts – including Barack Obama, Kim Kardashian, and its future owner Elon Musk – to promote a Bitcoin scam.
An investigation by the New York State Department of Financial Services found the teen had 'directly exploited Twitter's shift to remote working' by calling up employees and pretending to be from the IT department to get access to the internal systems.
Who carried out the M&S attack?
Earlier this week it was revealed the Met Police are investigating whether the M&S attack was carried out by a hacking collective called Scattered Spider. The group first appeared in 2022 and have already been linked to more than 100 targeted attacks, including US casino operator Caesars, which paid over £11 million to restore its network.
Unlike the majority of such gangs, who are generally based in places such as Russia, the group are English-speaking and known to include UK and US citizens, some as young as 16. Their motivation is said to be as much about bragging rights as money.
According to the FBI, the group's modus operandi is tricking people into letting them into their systems, from impersonating IT staff to 'sim swapping', a tactic in which a fraudster persuades their victim's mobile provider to transfer the phone number to a sim card under their control.
'Scattered Spider have been linked to dozens of attacks over the last few years and their clever tactics often target the human element,' Jake Moore, global security advisor at cybersecurity software company ESET, tells The Telegraph. Moore points to remote workers in particular as a potential target. 'Working from home adds yet another attack entry point which has limited control.'
'Hybrid work has made enforcing security standards a minefield'
He reveals how, as a test, he once hacked into the work account of a superintendent simply by calling the Police HQ help desk. 'They asked me two security questions, which were easy to find out the answers to online – vehicle registration and shoulder number – and then I was able to convince them I was the superintendent and had forgotten my password after being on holiday for two weeks.
'They reset the password to a new string of text and gave me the password over the phone. I then logged in and had full access to the police networks. At this point I made the chief constable aware of this vulnerability.'
The heightened danger of WFH on M&S's cybersecurity is not a view shared by all, however. 'That's total BS as far as I'm concerned,' says Ciaran Martin, ex-chief executive of the UK's National Cyber Security Centre (NCSC). 'I don't have a strong view on either side of the culture war, but it's not a thing, so far as I understand the details in this incident specifically.
'I was head of the NCSC when lockdown one happened, and I was stunned at how little rise there was in cyber harm when we went on an unplanned, short-notice experiment in home working. Turns out the bring your own device security and other remote working things we'd been doing for years before 2020 worked pretty well. We have many systemic problems in cyber security but remote working isn't on my list!'
But the NCSC is clearly aware of the vulnerabilities, saying in an advisory note published in April 2020 that 'the surge in home working has increased the use of potentially vulnerable services… amplifying the threat to individuals and organisations'.
Often, remote workers are the first in line to have their access removed from internal systems when there is an attack – suggesting security teams are wary of the threat. As it battled to contain damage from its cyber attack, on Wednesday, Co-op told staff they could no longer log on to the company's IT system from home, a 'proactive measure' it explained after detecting 'third parties' trying to break in over the weekend.
Indeed, experts warn the threat to companies from remote work is only rising with the advent of generative AI, the technology behind chatbots. Not only is it making social engineering easier, both in terms of scale and its believability, but it is also inadvertently giving away vast swathes of confidential company data to third parties that in-house security teams have no ability to protect.
'Hybrid work has made enforcing security standards a minefield,' says Arkadiy Ukolov, co-founder of Ulla Technology. 'Employees increasingly rely on AI-powered tools such as ChatGPT – often outside corporate oversight – unaware that these systems may quietly harvest client data to train their models. This opens doors to data leakages where third parties gain access to very sensitive information.'
'The risk isn't theoretical – it's happening in the background, right now,' he adds. In response, the London-based firm has developed an AI-powered assistant that can be integrated into a company's infrastructure to keep the data private. 'The most vulnerable industries are the legal sector, government departments and the NHS.
'Their employees manage highly sensitive information such as intellectual property, corporate secrets and medical documents on a daily basis. For them, poorly managed hybrid working systems pose an existential security threat.'
