A persistent wave of cyberattacks is crippling some of Britain's major businesses, with experts describing the phenomenon as an “epidemic.”
The crisis has escalated with Jaguar Land Rover (JLR), the flagship of the UK's manufacturing industry, facing a prolonged global shutdown following a severe ransomware attack that began on August 31st.
The case is not a standalone incident but shows a continued pattern that involved the failure of many common businesses, including Marks and Spencer and Co-op, to the tune of colossal financial and operational losses earlier this year, and creating alarming consequences for matters of cyber resilience nationwide.
The list of victims appears like a who's who of British commerce. Recently, the co-op announced a £80 million blow to its profits and more than £200 million in revenue losses due to cyber attacks.
M&S reported a staggering £300 million cost. They are ransomware attacks that are primarily achieved through the encryption of the important systems of the company.
The hackers then demand payment for releasing the decryption key, effectively holding the business hostage.
It is not only retailers that have been affected by the disruption as airports have also been hit by the travel chaos, and even the Legal Aid Agency suffered an attack resulting in a leak of sensitive personal information of applicants.
The JLR attack underscores the inter-dependency of the modern economy. The effect is trickling down the supply chain because production was grounded weeks ago and is not likely to resume before October 1st at the earliest.
Small businesses that depend on JLR could have as little as a week of cash flow remaining, with bigger companies potentially going out of business in 12 weeks.
Liam Byrne MP, head of the Business and Trade Committee, has warned the government that smaller firms reliant on JLR “may have at best a week of cashflow left,” while larger ones could struggle within a fortnight.
It endangers an estimated 200,000 jobs within the supply chain, proving that even a cyberattack on one single company can endanger an entire industrial ecosystem.
The nature of the threat has evolved dramatically. According to security experts, hacking is not about bragging rights anymore but it has turned into a very lucrative commercial business by organised crime groups.
“It is a way of making money that’s less likely for you to end up in jail than it would be for smuggling drugs,” one analyst noted.
Organizations such as "Scattered Spider" and "DragonForce" use ransomware-as-a-service models, making complex cyberattacks accessible to a wider range of criminals.
Cyber insurance is a crucial element in the manner in helping companies survive cyberattacks, which can fund ransom negotiation and recovery expenses.
One of the most significant instances is JLD, which was not insured against such attacks. This puts the company in a more dangerous position.
The crisis has increased the clamor for a more active role by the government in cybersecurity, rather than responding to attacks by strengthening national defences.
The current incidents serve as a stark reminder that the cyber threat has long ceased to be an IT problem and is now a significant threat to the UK economy and national security.
