Hackers may ‘try their luck' with other retailers after M&S breach, experts say
The luxury London department store said it had restricted internet access across its sites on Thursday as a precautionary measure following an attempt to gain unauthorised access to its systems.
It follows a serious ransomware attack on Marks & Spencer that has forced the company to suspend online orders and halt all recruitment, and the Co-op has also confirmed it was the target of an attempted breach, and it too has shut down some of its IT systems as a precaution.
It's typical for similar companies in the same sector to become secondary targets after a huge cyber attack Jake Moore, Eset
Jake Moore, global cybersecurity adviser at Eset, said other retailers being targeted in the wake of the M&S breach was 'typical', as hacking groups are often inspired to 'try their luck' by using the same type of ransomware elsewhere.
'It's typical for similar companies in the same sector to become secondary targets after a huge cyber attack,' he said.
'As the strain of ransomware called DragonForce can simply be purchased on the dark web in a model called 'ransomware-as-a-service', other hacking groups are also able to attempt their luck on similar businesses and start demanding ransoms where possible.
'It is often a precautionary measure to shut down parts of a system after a major cyber attack to mitigate any threats and prevent similar breaches.
'However, attacks involving the DragonForce ransomware most commonly start by targeting known vulnerabilities such as attacking systems that have not been kept up to date with the latest security patches, so businesses need to be extra vigilant and improve how quickly they update their networks.'
Cybersecurity expert Cody Barrow, chief executive of EclecticIQ, said the flurry of attacks showed cybercriminals are becoming bolder.
What's deeply concerning is generative AI is accelerating the threat landscape Cody Barrow, EclecticIQ
'Coming on the heels of recent breaches at Co-op and M&S, it highlights an alarming trend: attackers are becoming increasingly opportunistic, exploiting weaknesses across complex, highly interconnected supply chains,' he said, warning that artificial intelligence was also making it easier for lower-skilled hackers to put together sophisticated attacks.
'What's deeply concerning is generative AI is accelerating the threat landscape.
'Sophisticated phishing campaigns, deepfake social engineering, and adaptive malware are now within reach of even low-skilled attackers.
'This widespread access to advanced attack tools is driving up attack volume, speed, and complexity.'
According to reports, a hacking group known as Scattered Spider is said to be behind the M&S attack, although this has not been confirmed.
It also remains unclear if the three attacks are linked.
It's a lesson again in the growing difficulty large organisations have in securing against threats in their supply chain, particularly as those threats grow in volume and sophistication Toby Lewis, Darktrace
Toby Lewis, head of threat analysis at cybersecurity firm Darktrace, said the attacks could be linked by a common piece of technology used by all three firms that has a vulnerability, or that Co-op and Harrods had stepped up their own security response in the wake of the M&S breach.
'Details of the cyber attack at Harrods are still low and we shouldn't rule out that the three incidents impacting M&S, Co-operative and Harrods are coincidence,' he said.
'However, with the information publicly available we can see two other likely scenarios: either a common supplier or technology used by all three retailers has been breached and used as an entry point to big-name retailers, or the scale of the M&S incident has prompted security teams to relook at their logs and act on activity they wouldn't have previously judged a risk.
'It's a lesson again in the growing difficulty large organisations have in securing against threats in their supply chain, particularly as those threats grow in volume and sophistication.'
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Independent
6 hours ago
- The Independent
Asian shares are mixed and oil prices advance as Israel-Iran crisis escalates
Asian shares were mixed on Monday and oil prices extended gains on worries that escalating Iran- Israel tensions could disrupt the flow of crude around the world. U.S. benchmark crude oil added 20 cents to $73.18 per barrel. Brent crude, the international standard, gained 95 cents to $75.18 per barrel. In share trading, Tokyo's Nikkei 225 added 1.3% to 38,307.74, while the Kospi in Seoul gained 0.9% to 2,920.57. Chinese markets were little changed after data for May showed stronger consumer spending but weaker factory activity and investment. A 6.1% year-on-year jump in retail sales was offset but lower than expected growth in industrial output, which rose 5.8% from a year earlier. Hong Kong 's Hang Seng fell 0.1% to 23,864.20 and the Shanghai Composite Index added less than 0.1% to 3,378.78. Australia's S&P/ASX 200 fell 0.2% to 8,547.40. On Friday, oil prices jumped and stocks slumped after Israel's attack on Iranian nuclear and military targets. The S&P 500 sank 1.1% to 5,976.97. The Dow Jones Industrial Average dropped 1.8% to 42,197.79, and the Nasdaq composite lost 1.3% to 19,406.83. The strongest action was in the oil market, where the price of a barrel of benchmark U.S. crude and Brent crude, the international standard surged more than 7%. Iran is one of the world's major producers of oil, though sanctions by Western countries have limited its sales. If a wider war erupts, it could slow the flow of Iran's oil to its customers and keep the price of crude and gasoline higher for everyone worldwide. Beyond the oil coming from Iran, analysts also pointed to the potential for disruptions in the Strait of Hormuz, a relatively narrow waterway off Iran's coast. Much of the world's oil that's been pulled from the ground moves through it on ships. Companies that use a lot of fuel as part of their business and need their customers feeling confident enough to travel suffered some of the sharpest losses. Cruise operator Carnival dropped 4.9%. United Airlines sank 4.4%, and Norwegian Cruise Line Holdings fell 5%. They helped overshadow gains for U.S. oil producers and other companies that could benefit from increased fighting between Israel and Iran. Exxon Mobil rose 2.2%, and ConocoPhillips gained 2.4% because the leaping price of crude portends bigger profits for them. Contractors that make weapons and defense equipment also rallied. Lockheed Martin, Northrop Grumman and RTX all rose more than 3%. The price of gold climbed as investors searched for safer places to park their cash. An ounce of gold added 1.4% on Friday and was holding steady early Monday. Prices for Treasury bonds will likewise rise when investors are feeling nervous, but Treasury prices fell Friday, which in turn pushed up their yields, in part because of worries that a spike in oil prices could drive inflation higher. Inflation has remained relatively tame recently, and it's near the Federal Reserve's target of 2%, but worries are high that it could be set to accelerate because of President Donald Trump's tariffs. A better-than-expected report Friday on sentiment among U.S. consumers also helped drive yields higher. The preliminary report from the University of Michigan said sentiment improved for the first time in six months after Trump put many of his tariffs on pause, while U.S. consumers' expectations for coming inflation eased. On Wall Street, Adobe fell 5.3% even though the company behind Photoshop reported a stronger profit for the latest quarter than Wall Street expected. Analysts called it a solid performance but said investors may have been looking for some bigger revenue forecasts for the upcoming year. In currency trading early Monday, the U.S. dollar gained to 144.37 Japanese yen from 144.03 yen. The euro rose to $1.1537 from $1.1533.
Scottish Sun
12 hours ago
- Scottish Sun
B&M shoppers are rushing to buy a £4 dupe of Zara Home's iconic candle that is £20 cheaper than the original
Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) BARGAIN-hunting Brits are going wild for a £4 candle from B&M that's being hailed as a perfect dupe for a high-end Zara Home favourite — and it's £20 cheaper. The budget retailer's Candle in a Cup has caught the attention of shoppers thanks to its striking resemblance to Zara Home's Mountain Pepper Scented Candle, which retails at £23.99 for a 250g pot. Sign up for Scottish Sun newsletter Sign up 4 Zara's Moutain pepper scented candle for £23.99 Credit: ZARA 4 The retailer has a strong reputation for stocking high-quality dupes that give customers the luxe-for-less feel Credit: Facebook 4 Now, B&M shoppers say they can get the same luxurious scent for a fraction of the cost – and with the same chic look to match any décor Credit: Facebook B&M's version comes in a similarly sleek ceramic cup and offers a warm, spicy scent that's near identical to the original, according to fans. One delighted customer said, 'I couldn't believe how similar it smelled to the Zara one I had before. "Honestly, if someone blind-tested me, I wouldn't know the difference. And at £4? I went back the next day and bought three more.' The Mountain Pepper candle by Zara is known for its rich, peppery notes with a hint of citrus, making it a cult classic for those who love a home that smells expensive. Now, B&M shoppers say they can get the same luxurious scent for a fraction of the cost – and with the same chic look to match any décor. This isn't the first time B&M has caused a frenzy with its affordable alternatives to designer homewares. The retailer has a strong reputation for stocking high-quality dupes that give customers the luxe-for-less feel. Their Hotel Collection range, in particular, has drawn comparisons to brands like The White Company and Jo Malone. Shoppers have also raved about B&M's reed diffusers, which are priced at just £3.99 but give off scents that rival products five times the price. I wasn't going to fork out for a Labubu so nabbed a budget alternative from B&M instead - it's SO much cuter too One woman wrote on Facebook: 'These make my whole house smell posh. "I'll never go back to buying the expensive ones again.' Priced at around £4.99, they're often compared to Jo Malone's classic scented candles, which can cost upwards of £55. As one shopper joked online: 'It's giving Zara vibes, but on a B&M budget — and I'm here for it!' Even home accessories like velvet cushions and throws are proving popular dupes. Their luxe-looking velvet cushion covers, priced at £8.99, have been likened to ones sold at H&M Home and Zara Home for double the price.
Daily Mail
a day ago
- Daily Mail
Warning issued to Sainsbury's customers after two years of Nectar points stolen
Experts have issued a fresh warning to Sainsbury's customers after a shopper reported having two years of her Nectar points stolen. This is Money revealed earlier this year that Nectar had introduced a 'lock' feature on its loyalty card scheme, meaning any account can be freezed until the customer decides to spend their reward points. The announcement came after an investigation revealed that 12.5 million Nectar points worth nearly £63,000 had been stolen from our readers over the period of a year. And just last week, another customer reported on social media that 3,000 points had been stolen from her account after they were used in a Twickenham branch. She posted: 'Someone has stolen 3,000 of my Nectar points? 'I have never been to Twickenham in my life and I have been saving these points for two years to help pay for Christmas. Please look into this.' The claims have prompted cybersecurity experts to urge customers to take a fresh look at their accounts in order to prevent potentially criminal activity. 'It's especially important to monitor accounts more often just before Christmas,' Jake Moore, Eset's Global Security Advisor told The Sun. 'This is usually when criminals target accounts with points that have been accumulated over the year.' He added that accounts should be checked 'frequently to detect and report any unauthorised actions promptly'. Only primary users of the account should be able to lock and unlock spending on their Nectar accounts with the new locking feature, while additional collectors will only be able to collect points. It was brought in to allow customers to start saving their points again without fear of them being stolen by fraudsters. Thankfully most of the customers affected in This is Money's investigation were refunded by Sainsbury's, which owns Nectar. A Nectar spokesperson today told MailOnline: 'Nectar is one of the UK's biggest loyalty schemes, with over 23 million members. 'The security of our customer accounts is our highest priority and the proportion of those impacted by fraud each year is very small. 'We have a range of measures which detect, and in many cases prevent fraud, including our Spend Lock feature. 'Our Nectar Helpline team are on hand to support any customer who suspects they may have been a victim of fraud.'
