Don't pay hackers: Cyber Security chief's warning after major retail attacks
The head of the UK's cyber security agency, which is helping Marks & Spence r, the Co-op and Harrods manage the fallout from three suspected ransomware attacks, has warned that all companies should resist the financial demands hackers make.
'Our advice is organisations shouldn't pay ransoms,' Dr Richard Horne, CEO of the National Cyber Security Centre, part of GCHQ, said.
'If [companies] pay because they hope the ransom attackers won't publish information, well, they need to know that all they've got is a criminal's word for it. And if they pay to recover their systems, well, they should have recovery plans in place so they can recover their systems anyway.'
A ransomware attack occurs when hackers infect a company's computer systems with malicious software that encrypts files and locks users out, effectively paralysing parts of the IT network.
Attackers then demand payment, usually in cryptocurrency, in exchange for a decryption key or to prevent the publication of stolen data.
Horne explained, in the NCSC's experience, hackers tend to hold onto the data they steal and often don't unlock systems even when payments are made.
Two weeks ago, on April 22, Marks & Spencer first admitted that it was dealing with the fallout from a cyber attack.
Last week, the Co-op and Harrods revealed their systems had also been targeted by hackers.
Since then, several independent cybersecurity experts have said the evidence suggests the hacks were carried out by Scattered Spider, a ransomware group.
Yesterday, the technology news website Bleeping Computer reported that the hackers gained access to both the Co-op's and M&S's networks by impersonating employees, contacting the retailers' IT helpdesks and tricking helpdesk staff into resetting passwords.
Richard Horne refused to be drawn on who the NCSC believes the hackers are, how they got in, what they managed to access or whether the attacks are linked.
'Until we have the facts, you just don't know,' he told ITV News.
'One of the challenges with cyber attacks is you are in a fog for a period, and picking your way through that fog — getting the facts, understanding exactly what the attackers did, what data they accessed, what data they didn't access, what systems they got to — that does take time.
"We've seen many organisations take weeks, if not months, to get real clarity on what happened.'
In the past, some ransomware gangs have been linked to foreign governments. The global WannaCry ransomware attack in 2017, which forced the NHS to cancel thousands of appointments and operations, was later linked to North Korea by Microsoft.
The NCSC is not ruling out the influence of foreign governments in these incidents.
Horne added that there's 'no evidence of deeply personal information being taken' in any of the three hacks, and he advised customers of M&S, the Co-op and Harrods not to change passwords as a precaution.
The NCSC publishes advice and guidance on the steps organisations should take to prevent attacks and to respond effectively in the event of a successful hack.
Horne wouldn't say if the three retailers had followed that advice or if the attacks were preventable.
He did say that, across society, everyone is underestimating the scale of the risk cyber criminals pose.
'All organisations need to see this as a wake-up call — to understand what their exposure is to cyber attacks, to ensure they've got the right defences in place, and to make sure they've got a plan to be able to continue operations and recover should they be hit by a cyber attack,' he said.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Sky News
3 hours ago
- Sky News
Harrods plots legal action against estate of former owner al-Fayed
Harrods is preparing to take legal action against the estate of its former owner, Mohamed al-Fayed, as the multimillion-pound legal bill for compensating his sexual abuse victims continues to escalate. Sky News has learnt that the Knightsbridge department store, which has been owned by a Qatari sovereign wealth fund since 2010, plans to file a so-called passing-over application in the High Court as early as next week. The intention of the application is to secure the removal of Mr al-Fayed 's estate's current executors, and replace them with professional executors to administer it instead. Professional executors would be expected to investigate the assets and liabilities of the estate, while Harrods insiders claimed that the current executors - thought to be close family members of the deceased billionaire - had "ignored" correspondence from its lawyers. Sources close to Harrods said the passing-over application paved the way for it to potentially seek to recover substantial sums from the estate of the Egyptian tycoon as it contends with a compensation bill likely to run to tens of millions of pounds. In a statement issued to Sky News on Saturday, a Harrods spokesperson said: "We are considering legal options that would ensure that no doors are closed on any future action and that a route to compensation and accountability from the Fayed estate remains open to all." Mr al-Fayed is believed to have raped or sexually abused hundreds of women during his 25-year tenure as the owner of Harrods. He died in 2023, since when a torrent of details of his abuse have been made public by many of his victims. Earlier this year, Sky News revealed details of the compensation scheme designed by Harrods to award six-figure sums to women he abused. In a form outlining the details of the Harrods redress scheme overseen by MPL Legal, which is advising the department store, it referred to the potential "for Harrods to recover compensation paid out under this Scheme from Mohamed Fayed's estate". "You are not obliged to assist with any such claim for recovery," the form told potential claimants. "However, if you would be willing to assist Harrods including potentially by giving evidence against Fayed's estate, please indicate below." This weekend, there appeared to be confusion about the legal representation of Mr al-Fayed's estate. In March, the BBC reported that Fladgate, a UK-based law firm, was representing it in an article which said that women who worked for him as nannies and private air stewards were preparing to file legal claims against the estate. This weekend, however, a spokesman for Fladgate declined to comment on whether it was acting for Mr al-Fayed's estate, citing confidentiality restrictions. A source close to the law firm, meanwhile, insisted that it was not acting for the estate. KP Law, another law firm acting for some al-Fayed abuse survivors, has criticised the Harrods-orchestrated process, but has itself faced questions over proposals to take up to 25% of compensation awards in exchange for handling their cases. Harrods insiders said there was a growing risk that Mr al-Fayed's estate would not be responsibly administered given that the second anniversary of his death was now approaching. They added that as well as Harrods itself seeking contribution for compensation paid out for Mr al-Fayed's abuse, its legal action would also potentially open way for survivors to claim directly against the estate. Victims with no direct connection to Harrods are not eligible for any compensation through the store's own redress scheme. Even if Harrods' passing-over application was approved by the High Court, any financial recovery for the department store would be subject to a number of additional legal steps, sources said. "The passing-over action would achieve the goals of acknowledgement and accountability from the estate for survivors who don't have the resource to undertake a passing-over application themselves," an insider said this weekend.
Glasgow Times
7 hours ago
- Glasgow Times
Glasgow restaurant marking third birthday with free food
Rickshaw & Co, in Partick Bridge Street, is marking three years of serving Indian and Bangladeshi food in Glasgow's west end by offering customers free and discounted food. Birthday celebrations for the popular eatery, previously crowned the Curry Kings of Glasgow at the Scottish Asian Curry Awards, are due to take place between June 16 to 19. Read more: 'Magical' fairy garden party taking place in Glasgow - here's when On the first day, from noon until 9.30pm, the first 50 customers will be able to enjoy a free sit-in meal, consisting of up to three items from the menu. For the remaining celebration, customers will receive discounts on their food bills, including 50% off on Monday and Tuesday, and 25% off on Wednesday and Thursday. The owners of the popular restaurant, known for its "bold, street-food-inspired flavours and warm hospitality", hope the celebrations will provide a chance for customers to experience the flavoursome food at a good price. Read more: 'Major' event to be held for the 'first time' at XSite Braehead in June Gulshan Soni, Co-founder of Rickshaw & Co, said: "Turning three is a big moment for us. "Whether you're a student, a tourist, or someone who lives round the corner - we want to thank everyone who's supported us. "Come in, grab a seat, and celebrate with us. "Community is what keeps us going."
The Herald Scotland
a day ago
- The Herald Scotland
Veteran to sell village inn built by duke as hunting lodge
Christie & Co is marketing the Buccleuch Arms in the Borders village of St Boswells. The Buccleuch Arms also well as a bar and bistro, large private garden, boardroom or private dining room and function room. The business has won the Scottish Inn of the Year award four times and benefits from strong footfall and loyalty from the local community, as well as travelling business and leisure guests. The inn is in a prominent position. (Image: Christie & Co) The agent said: 'The inn is located in a prominent position in the village, fronting onto the A68 and within easy each of Melrose to the north. 'The current owner Billy Hamilton has operated and managed the Buccleuch Arms since 2003, building a solid reputation for quality local and seasonal food, and a warm, welcoming modern country pub atmosphere. Having managed the business for more than 20 years Billy has decided to retire and focus on other business interests, with the inn available to acquire in turnkey condition.' Gary Witham, director hote at Christie & Co, is managing the sale and said, 'This prominent hotel is at the heart of St Boswells and has not been available on the open market for over 40 years. The business offers a great mix of rooms and stylish bar/restaurant ready for a new owner to succeed on day one.' The Buccleuch Arms is on the market with a freehold asking price of offers in the region of £1.3 million. Plans approved to transform historic garden into distillery A historic walled garden on an estate with ties to Robert Burns is set for a new chapter as plans for a private whisky distillery have been approved.
