ARTICLE AD BOX
Scotland Yard has been called in to investigate the cyber attack that has left Marks & Spencer with empty shelving and its market value slashed.
The Metropolitan Police confirmed it was called last Wednesday in relation to the attack, with detectives from the force’s cyber crime unit launching an investigation which remains ongoing.
The retailer is also working with experts from both the National Crime Agency and the National Cyber Security Centre, with the former telling The Independent that the two groups were working “to better understand the incident and support the company”.
M&S confirmed on Tuesday there were “pockets of limited availability” of items in some shops as a result of its “decision to take some systems temporarily offline” in response to the attack – but said it was “working hard” to get availability back to normal.
The retailer has been grappling with the cyber incident for more than a week now, first causing problems for its contactless payments and click and collect orders, before since wiped millions off its market value.
Last Friday, it paused orders through its website and app, which have remained down as it tries to resolve the problem.
A spokesperson for the Met said: “We were called on Wednesday, 23 April regarding a cyber-incident at Marks & Spencer. Detectives from the Met’s Cyber Crime Unit are investigating. Enquiries continue.”
Professor Alan Woodward, a cyber security expert at the University of Surrey and former adviser to the EU’s law enforcement agency Europol, told The Independent on Tuesday that, although little is known about the nature of the cyberattack, it could still feasibly be days before M&S is able to resume normal operations.
“I suspect one of reasons it’s taking so long to do all of this is an abundance of caution being exercised – and what they’re doing is they are turning over every rock and making sure there’s nobody still in there,” said Prof Woodward.
“Because one of the worst things is if a hacker has got in, let the ransomware go, and they can persist on the network, then you might clear it – you might get out of it [the attack] – but they’ll just pop back up again.”
A hacking group operating under the name Scattered Spider – previously alleged to involve British and American teenagers – has been linked to the attack, according to reports, with tech news outlet Bleeping Computer first linking the group to a potential ransomware attack.
According to The Telegraph, investigators believe the attackers used a hacking tool from a group known as DragonForce, which bills itself as a “ransomware cartel”, to carry out the breach.
English (US) ·