Latest news with #JuliusCerniauskas
Daily Mail
02-05-2025
- Business
- Daily Mail
The teens holding Britain's top retailers to ransom: Fears Scattered Spider gang 'behind M&S cyber attack' are linked to Co-op and Harrods hacks as experts issue warning to stores
A shadowy youth gang reported to be behind the M&S cyber attack could target other major UK retailers with the aim of 'causing maximum disruption', a cyber expert has warned. M&S CEO Stuart Manchin confirmed today that the high street giant had still not been able to restore all its systems following the devastating hack but was aiming to 'get things back to normal as quickly as possible'. Yesterday, Harrods became the latest retailer to reveal it has been targeted by cyber hackers, shortly after a similar announcement by the Co-op. Some observers have blamed the M&S attack on a group operating under the name Scattered Spider, and there are fears all the attacks could be linked. Julius Cerniauskas, CEO of web intelligence experts Oxylabs, told MailOnline: 'Following the M&S cyber attack and the potential involvement of hacking group Scattered Spider, all major UK retailers will be seriously worried if they'll be tangled in the web next. 'The impact on the M&S share price shows the damage these attacks can do and will have many corporate retailers working day and night to ensure they do not suffer a similar fate. 'Ransomware gangs typically target companies like Marks & Spencer with the aim of causing maximum disruption to force a quick payout. Their goal is simple: the greater the disruption, the greater the pressure on the company to pay the ransom.' Scattered Spider is thought to be made up of 1,000 mainly British and American youths and young men, and has already gained global notoriety for a slew of attacks on major brands. Such criminal outfits typically demand up to £10million in ransom for returning full access to firms, according to industry sources. Detectives have been working alongside the National Cyber Security Centre and data watchdog the Information Commissioner's Office (ICO). After recent 'attempts to gain unauthorised access' to some of its systems, Harrods said on Wednesday that it 'restricted internet access' at its sites. Its luxury Knightsbridge store remained open, as well as its airport and beauty shops. Meanwhile, Co-op had to shut down parts of its IT system after discovering an attempted hack just days after the attack on M&S. Trade website Bleeping Computer said 'multiple sources' pointed to Scattered Spider having gained access to M&S's servers as far back as February before putting their plan into action over Easter. Previous arrests have seen alleged members of the criminal outfit from the UK being detained by cops. Among them is Tyler Robert Buchanan. The 23-year-old is alleged to be Scattered Spider's leader. He was arrested at a Spanish airport in June last year. Scotsman Buchanan is alleged to have been behind the 2023 hack of Las Vegas casino operators Caesar's Entertainment and MGM Resorts International. US prosecutors also claim he was part of a sophisticated £9million cryptocurrency fraud, which saw victims being sent phishing text messages warning their accounts would be closed. The link directed them to a legitimate-looking website which they then entered their personal details in. It's alleged the hacking gang then seized these details and used them to pilfer £9million worth of virtual currency. Buchanan, of Dundee, was arrested in Spain earlier this year while on his way to Italy and is in custody awaiting extradition to the US to face charges of conspiracy to commit wire fraud, conspiracy, wire fraud, and aggravated identity theft. Earlier this month he was charged alongside four American men, all of whom are below the age of 25. Should he be convicted in the US, he could face 47 years in jail. Last year, a 17-year-old boy from Walsall was also arrested in connection with the same Las Vegas cyber attack. He was detained by police last July on suspicion of Blackmail and Computer Misuse Act offences before being bailed pending further enquiries. The boy is still under investigation, the National Crime Agency (NCA) confirmed to MailOnline today. Officers from the Regional Organised Crime Unit for the West Midlands (ROCUWM) joined officers from the NCA, in coordination with the United States Federal Bureau of Investigation (FBI) to carry out the strike. Speaking at the time, Detective Inspector Hinesh Mehta, cyber crime unit manager, at ROCUWM, said: 'These cyber groups have targeted well known organisations with ramsomware and they have successfully targeted multiple victims around the world taking from them significant amounts of money. 'We want to send out a clear message that we will find you. It's simply not worth it.' M&S chief Stuart Machin issued an update to customers this morning after 11 days of disruption. 'We are working day and night to manage the current cyber incident and get things back to normal for you as quickly as possible. 'Thank you from me and everyone at M&S for all the support you have shown us. We do not take it for granted and we are incredibly grateful. 'Our teams are doing the very best they can, and are ready to welcome you into our stores - whether you are shopping for food or for fashion, home and beauty this bank holiday weekend. 'Thank you for your support and thank you for shopping with us. We will continue to keep you updated.' The supermarket first revealed it had been hit by a cyber attack on April 21.
Daily Mail
01-05-2025
- Business
- Daily Mail
Fans distraught over 'shortage' of one of UK's most beloved sweets after Marks & Spencer cyber attack
Fans have been left distraught after finding out their beloved sweet is the latest victim in the cyber attack which has targeted Marks & Spencer. Shoppers were shocked to see the favourite Percy Pig gummy sweets were nowhere to be found on supermarket shelves after the brand was crippled by attacks to their online systems. The cyber attacks, which has been linked to notorious teenage hacking gang Scattered Spider, has left the high street giant reeling. The supermarket has been forced to halt online sales for at least five days - with its share prices plummeting by more than £500m. The ransomware hack against M&S is understood to have locked down many of the retailer's systems including its supply of Percy Pigs. According to The Sun, signs next to the empty shelves, which displayed just a few veggie and low-sugar varieties of the sweets, read: 'Please bear with us while we fix some technical issues affecting product availability.' Loyal M&S customers buy 16 million bags of the sweet treats a year and took to social media to share their anger at not being able to get their hands on any. One posted online: 'Lads, s**t just got real.' Another said: 'This isn't just a cyber attack — it's an M&S cyber attack.' MailOnline has contacted M&S for comment. M&S has faced a week of mayhem following the cyber attack over the Easter weekend. Trade website Bleeping Computer said 'multiple sources' pointed to Scattered Spider having gained access to M&S's servers as far back as February before putting their plan into action over the bank holiday. As a result M&S paused its click-and-collect service, where customers order items online for collection from a shop. These orders are still being face disruption. Julius Cerniauskas, chief executive of web intelligence experts Oxylabs, feared other firms could soon be targeted by hackers seeking to cause similar cyberspace chaos. 'Following the M&S cyber attack and the potential involvement of hacking group, Scattered Spider, all major UK retailers will be seriously worried if they'll be tangled in the web next,' he warned. 'The impact on the M&S share price shows the damage these attacks can do and will have many corporate retailers working day and night to ensure they do not suffer a similar fate. 'Ransomware gangs typically target companies like Marks & Spencer with the aim of causing maximum disruption to force a quick payout. By freezing critical systems, criminals create chaos for both customers and the business - affecting online orders, payments, and store operations. M&S supplies across the board have been affected by the cyber attack which has been linked to a teenage hacking gang Signs next to the empty shelves read: 'Please bear with us while we fix some technical issues affecting product availability.' 'Their goal is simple: the greater the disruption, the greater the pressure on the company to pay the ransom. 'While it appears M&S has regained some control, preventing the situation from escalating further will depend on thorough system cleansing, patching vulnerabilities, and ensuring no backdoors have been left behind by the attackers.' Experts say criminal outfits like the Scattered Spiders pose a 'sophisticated threat' to the public and to businesses worldwide. Such cyber hackers typically demand up to £10million in ransom for returning full access to firms, say industry sources. No arrests have been made over the M&S hack, a Met spokesman confirmed, adding: 'Detectives from the Met's cyber crime unit are investigating. Inquiries continue.' Detectives have been working alongside the National Cyber Security Centre and data watchdog the Information Commissioner's Office (ICO). Marks & Spencer would not share details last night nor speculate on the culprit or confirm whether it has paid a ransom. In hacks such as this, criminals typically infiltrate an IT system, freeze it and demand payment from companies. It's believed ransomware called DragonForce may have been used in the attack on M&S, which has cost the retailer millions in lost sales and lower share prices.
Daily Mail
30-04-2025
- Business
- Daily Mail
M&S cyber attack linked to notorious hacking group
Published: | Updated: Scotland Yard detectives are probing the devastating IT meltdown at M&S thought to be caused by teenage hackers. A shadowy group operating under the name Scattered Spider was yesterday said to be behind the attack, which has crippled the retailer for more than a week. But the Mail can now reveal the Metropolitan Police's cyber crime unit has been called in to investigate the crisis. The collective, thought to be made up of 1,000 mainly British and American youths and young men, has already gained global notoriety for a slew of attacks on major brands, with a cyber security expert warning it poses a 'sophisticated threat'. Such criminal outfits typically demand up to £10million in ransom for returning full access to firms, say industry sources. No arrests had been made last night, a Met spokesman confirmed, adding: 'Detectives from the Met's cyber crime unit are investigating. Inquiries continue.' Detectives have been working alongside the National Cyber Security Centre and data watchdog the Information Commissioner's Office (ICO). Marks & Spencer would not share details last night nor speculate on the culprit or confirm whether it has paid a ransom. In hacks such as this, criminals typically infiltrate an IT system, freeze it and demand payment from companies. Trade website Bleeping Computer said 'multiple sources' pointed to Scattered Spider having gained access to M&S's servers as far back as February before putting their plan into action over Easter. As a result M&S paused its click and collect service, where customers order items online for collection from a shop. These orders are still being hit. Bosses at the retailer are said to have asked for help from experts at Microsoft as well as cyber security professionals CrowdStrike and Fenix24. Julius Cerniauskas, of web experts Oxylabs, said: 'Their goal is simple: the greater the disruption, the greater the pressure on the firm to pay the ransom.' Cyber expert Ed Williams, of Trustwave, said these attacks require 'calculated' criminals who understand 'both the technical and human weaknesses to exploit within large organisations'. And Nathaniel Jones, of cyber firm Darktrace, warned Scattered Spider poses a 'sophisticated threat' to big companies, adding: 'Their approach is dangerous. They are thought to be native English speakers who don't just exploit technical vulnerabilities but manipulate people, especially IT help desks.' Previously the group, which the FBI has said poses a threat akin to hacking operations in China and Russia, has carried out 'phishing attacks' – sending fake texts to staff mobiles asking them to click on a link that gives the hackers access to work systems. US casino firm Caesars Entertainment was brought to its knees in September 2023 and ultimately forced to pay hackers £12million to restore its network. The gang – which is also known by other names including Scatter Swine and Muddled Libra – has been linked to raids on firms since May 2022. Last year US authorities charged five alleged members with targeting at least 12 firms. The suspects included 22-year-old Tyler Buchanan, from Dundee, who was extradited to California from Spain last week on charges related to attacks on casino operators including Caesars. Last July a 17-year-old boy from Walsall was arrested as part of a different global probe into the gang. And earlier this month a leading member pleaded guilty to a string of online fraud offences in a Florida court. Noah Urban faces up to 60 years in prison and must pay back more than £10million. George Weston, chairman of Primark and Twinings tea owner Associated British Foods, said: 'All of business, certainly us, have been very aware of cyber risk for some time... We look at what's happened [at M&S] with sadness. Whatever we can do to help, we would do – but it's a threat to all of us.' In a further blow for M&S, shop shelves were pictured empty yesterday while online orders were suspended for a fifth day. Its home and clothing business takes around £11million in sales a day – with a third of this from online. That means M&S could lose close to £3.7million every day the website is down. Want more stories like this from the Daily Mail? Hit the follow button above for more of the news you need.
Daily Mail
29-04-2025
- Business
- Daily Mail
Notorious hackers are 'behind M&S cyber raid': Retail giant calls in Scotland Yard as finger is pointed at gang that blackmails firms for millions
Scotland Yard detectives are probing the devastating IT meltdown at M&S thought to be caused by teenage hackers. A shadowy group operating under the name Scattered Spider was yesterday said to be behind the attack, which has crippled the retailer for more than a week. But the Mail can now reveal the Metropolitan Police 's cyber crime unit has been called in to investigate the crisis. The collective, thought to be made up of 1,000 mainly British and American youths and young men, has already gained global notoriety for a slew of attacks on major brands, with a cyber security expert warning it poses a 'sophisticated threat'. Such criminal outfits typically demand up to £10million in ransom for returning full access to firms, say industry sources. No arrests had been made last night, a Met spokesman confirmed, adding: 'Detectives from the Met's cyber crime unit are investigating. Inquiries continue.' Detectives have been working alongside the National Cyber Security Centre and data watchdog the Information Commissioner's Office (ICO). Marks & Spencer would not share details last night nor speculate on the culprit or confirm whether it has paid a ransom. In hacks such as this, criminals typically infiltrate an IT system, freeze it and demand payment from companies. Trade website Bleeping Computer said 'multiple sources' pointed to Scattered Spider having gained access to M&S's servers as far back as February before putting their plan into action over Easter. As a result M&S paused its click and collect service, where customers order items online for collection from a shop. These orders are still being hit. Bosses at the retailer are said to have asked for help from experts at Microsoft as well as cyber security professionals CrowdStrike and Fenix24. Julius Cerniauskas, of web experts Oxylabs, said: 'Their goal is simple: the greater the disruption, the greater the pressure on the firm to pay the ransom.' Cyber expert Ed Williams, of Trustwave, said these attacks require 'calculated' criminals who understand 'both the technical and human weaknesses to exploit within large organisations'. And Nathaniel Jones, of cyber firm Darktrace, warned Scattered Spider poses a 'sophisticated threat' to big companies, adding: 'Their approach is dangerous. They are thought to be native English speakers who don't just exploit technical vulnerabilities but manipulate people, especially IT help desks.' Previously the group, which the FBI has said poses a threat akin to hacking operations in China and Russia, has carried out 'phishing attacks' – sending fake texts to staff mobiles asking them to click on a link that gives the hackers access to work systems. US casino firm Caesars Entertainment was brought to its knees in September 2023 and ultimately forced to pay hackers £12million to restore its network. The gang – which is also known by other names including Scatter Swine and Muddled Libra – has been linked to raids on firms since May 2022. Last year US authorities charged five alleged members with targeting at least 12 firms. The suspects included 22-year-old Tyler Buchanan, from Dundee, who was extradited to California from Spain last week on charges related to attacks on casino operators including Caesars. Last July a 17-year-old boy from Walsall was arrested as part of a different global probe into the gang. And earlier this month a leading member pleaded guilty to a string of online fraud offences in a Florida court. Noah Urban faces up to 60 years in prison and must pay back more than £10million. George Weston, chairman of Primark and Twinings tea owner Associated British Foods, said: 'All of business, certainly us, have been very aware of cyber risk for some time... We look at what's happened [at M&S] with sadness. Whatever we can do to help, we would do – but it's a threat to all of us.' In a further blow for M&S, shop shelves were pictured empty yesterday while online orders were suspended for a fifth day. Its home and clothing business takes around £11million in sales a day – with a third of this from online.
Yahoo
28-04-2025
- Business
- Yahoo
M&S: FTSE 100 shares continue to drop after cyber attack
Marks and Spencer's (M&S) share price has fallen more than three per cent in early trades this morning as the effects of a cyber attack last week rage on. The FTSE 100 retailer's share price has fallen by nearly nine per cent since it announced the attack in a statement to the London Stock Exchange on 22 April. Since then, the retail and grocery giant has suspended online orders and many of its shoppers were unable to use contactless payments for parts of last week. The high street darling told hundreds of agency workers at its Castle Donington distribution centre in the East Midlands to stay at home on April 28, according to Sky News reporter Mark Kleinman. Staff working from home have been reportedly locked out of the company's IT systems as the firm works to contain the fallout from the attack, according to The Times. Online shopping accounts for around a third of sales at M&S, a figure which has been steadily growing over the past decade. 'Ransomware gangs… aim [for] maximum disruption to force a quick payout. By freezing critical systems, criminals create chaos for both customers and the business – affecting online orders, payments, and store operations. 'Their goal is simple: the greater the disruption, the greater the pressure on the company to pay the ransom,' Julius Cerniauskas, CEO of web intelligence experts Oxylabs, said. 'While it appears M&S has regained some control, preventing the situation from escalating further will depend on thorough system cleansing, patching vulnerabilities, and ensuring no backdoors have been left behind by the attackers,' Cerniauskas added. Dennis Martin, crisis management and business resilience specialist at Axians, said that the incident served as a reminder that 'cybersecurity is no longer just an IT concern, but a core operational risk'. 'What's crucial now is learning from this, ensuring systems and operational processes are resilient, communications are clear and contingency plans are in place and tested regularly. 'As cyber threats become more sophisticated, it's not about eliminating risk entirely, but about responding effectively and maintaining customer trust when the unexpected happens,' Martin said. City AM has contacted M&S for comment. Sign in to access your portfolio
