Marks & Spencer, commonly advertised as M&S, is a London-based British multinational retailer that sells clothing, home products, beauty products, and food items. In the United Kingdom, M&S is a highly recognised brand with a loyal customer base because of its high-quality products, and it is renowned around the globe. However, despite being so popular and famous among its loyal consumers, the past few weeks have been highly disappointing to the company. The company has lost millions of pounds because of lost sales and also lost the value of its shares. Moving further, we can explore what exactly happened with a company like Marks and Spencer, which is going through a hard time.
The Cyberattack on Marks & Spencer
The British retailer is dealing with the consequences of the cyber attack, which has roughly affected its operations. These disruptions of services include the click-and-collect system, which is causing inconvenience for customers awaiting online orders. However, the company has assured people that its physical stores, app, and website will remain fully operational even after the attack.
It was a ransomware attack that disrupted operations. The hackers used a potent kind of malware that caused some of M&S's systems to go down and make them inaccessible. According to cybersecurity experts, the attackers used ransomware known as DragonForce, which encrypted the files of the victim's computers and demanded payment in Cryptocurrency to unlock them.
The founding Chief Executive of the National Cyber Security Centre, Ciaran Martin, stated, "This is a pretty bad episode of ransomware." It is a highly disruptive and challenging event for them." Cyber-related technical glitches can be resolved in a matter of hours, but locating the malware and then sweeping it through the system and creating a disaster for a company like M&S is not a quick job, stated Professor Alan Woodward, a cybersecurity expert from Surrey University.
Ransomware is malware that encrypts a user's files and data on a computer. The computer is not unlocked until the ransom is paid. These malware usually demand untraceable or difficult-to-trace digital currencies such as Bitcoins, Paysafecard, and other cryptocurrencies. They are typically brought in using a Trojan, making it look like a legitimate file to trick the users into downloading or opening it.
The group responsible for the attack
This major attack is said to be linked with a notorious hacking group called the "Scattered Spider." The hacking group mainly consists of teens and young adults who are believed to live somewhere in the United States and the United Kingdom. The group gained notoriety for hacking and extorting "Caesar's Entertainment" and "MGM Resorts International."
In addition to these two casinos and gambling companies, Scattered Spider has also attacked Visa, PNC Financial Services Group Inc., Transamerica, Truist Bank, and others. Some of the members have also faced charges for attempting to steal Cryptocurrency through phishing attacks in the United States. Their disruption has caused M&S to suffer a loss of £500m in the stock market value.
Aftermath of the attack
Marks & Spencer has been dealing with this issue for over a week and is trying to recover from this attack. They have suspended their online operations and stopped processing some payments across multiple stores in the United Kingdom. The spokesperson for Marks & Spencer has refused to pass any comment regarding the ransomware or the hackers' identity.
Even if this is not delivered, it is still unclear whether they have demanded payment from M&S or are involved in any negotiations. Marks & Spencer has hired some cybersecurity experts to assist with this matter. The company has said, "We are taking actions to protect our network further and ensure we can continue to maintain customer service."
However, shoppers can still browse online and shop in M&S's physical stores using cash or cards. Nonetheless, some difficulties are still being faced as gift cards are not accepted. Goods can only be returned at the checkout in items of clothing and homeware stores, or via post. At the same time, food stores are not currently accepting returns.
Even in such conditions, M&S prioritises the customer's trust and maintains its operations to cater to its customers' needs. The company assures its over 64,000 employees and millions of customers that every possible measure is being implemented to secure the systems and maintain operations. M&S has over 1,400 stores worldwide and has an excellent reputation, but it was harmed due to this cyber attack.
Conclusion
This incident shows us how the threat of cyberattacks that companies face today is growing. Marks & Spencer has faced an enormous loss, but it is taking every possible action to deal with this issue. It has paused some of its actions, but it is still operating through its physical stores. The regular Marks & Spencer customers are advised to reset their passwords.