Marks and Spencer cyber attack

Forums New posts
egb_hibs

egb_hibs

Private Member
Joined
Jul 2, 2002
Hadn't really read about this till this morning though it happened a week ago.

Sounds like a complete cluster fuck and a manifestation of my worst nightmares till I chucked work.

Hit on Easter Monday - classic stuff, bank holidays weekends a typical time for attacks - a week later they still can't do online trading and their warehouses are telling people not to come in (put the two together I suspect their stock / inventory management is hit).

They're also chopping WFH capability which is interesting - I wonder if they suspect that's the 'attack vector', which is jargon for the weakpoint / means by which the attack was executed. If that does prove to be the case, watch out for a major jolt to the WFH model.

At the end of the day they're going to have to pay up if it's a ransomware hit which it sounds like. Nobody talks about it but I understand that pretty much everyone does.
 
Last edited:
egb_hibs said:
At the end of the day they're going to have to pay up if it's a ransomware hit which it sounds like. Nobody talks about it but I understand that pretty much everyone does.
Click to expand...

Wow - I've never heard of this before!
 
Smurf said:
Wow - I've never heard of this before!
Click to expand...
Well if you have uninfected backups and can bear the cost / disruption of doing it you might be able to recover. If you don't you're fucked. If they've let the ransomware sit in place for some time before activation then chances are it's in your backups too.
 
They will have hit them on Easter in the hope that It was in skeleton crew mode for a bank holiday, so it can go as far as it can before detection.
 
Smurf said:
Genuinely news to me. From what budget do they pay out from?
Click to expand...
Well that's for the accountants to hide. I mean this is all murky as noone discusses it for obvious reasons, ie bad publicity, but I've been told many times over the years within the industry that folk pay out.
 
Google suggests I'm exaggerating a bit, a little over half of victims pay out.
 
Nooooo what happens if I cannae get a snappy shopper beer delivery?

Evil bastards need season tickets to the Merricks for life.
 
egb_hibs said:
Hadn't really read about this till this morning though it happened a week ago.

Sounds like a complete cluster fuck and a manifestation of my worst nightmares till I chucked work.

Hit on Easter Monday - classic stuff, bank holidays weekends a typical time for attacks - a week later they still can't do online trading and their warehouses are telling people not to come in (put the two together I suspect their stock / inventory management is hit).

They're also chopping WFH capability which is interesting - I wonder if they suspect that's the 'attack vector', which is jargon for the weakpoint / means by which the attack was executed. If that does prove to be the case, watch out for a major jolt to the WFH model.

At the end of the day they're going to have to pay up if it's a ransomware hit which it sounds like. Nobody talks about it but I understand that pretty much everyone does.
Click to expand...
Can you imagine how CBDC will go?

Government will steal everybody's money...and say oh well.

Governments have to much control on the path we all need to go.
 
Is it really as simple as young guys like Tyler Buchanan holding the world to ransom from their bedrooms?
 
Westside Green said:
Is it really as simple as young guys like Tyler Buchanan holding the world to ransom from their bedrooms?
Click to expand...
It's a jungle out there. There are the bedroom assassins, who don't even need to be technical whizzes as the tools to do these things are freely available. Then there is organised crime, which also makes use of the wee guys. And then there are political 'hacktivists' and last, but the opposite of least, state actors - intelligence agencies and the likes.

I suspect M&S etc are being targeted because retail is lax on counter measures compared to financial services - ie they are a soft target - while being big enough to go after a sizable ransom. Small businesses are very vulnerable as they don't have the same defences either, but they also can't pay out the big sums (the average ransomware payout is ~£2m I believe, but big guys can be taken for a lot more)
 
Westside Green said:
About 20 years I met a student who was on the first degree course in Ethical Hacking.
He told me they could get in anywhere.
Click to expand...
Pretty much. Never been my area but I worked for an IT company that had 'red teams' you could hire to test your defences by hacking you. They'd usually be in within an hour or two.

My favourite story in this area I heard from a guy who helped the Iranians with stuxxnet. That was a virus that infiltrated Iranian uranium enrichment facilities and altered the operation of their machinery so parts wore out and slowed down their efforts.

Anyway, this dude and his merry men spent months weeding it out. They'd just declared victory when at 3am every computer in the building turned on, played Hells Bells by ACDC for 30 seconds, then shut down again. As he said; 'just Israel letting us know they're still here'
 
Smurf said:
Anyone know of any courses to learn this stuff? 🐑
Click to expand...


They've posted a 'how to' on YouTube.
Same software that's being used above. They take a cut of your ransom once you succeed.

Mental.
 
M&S now saying they will be impacted until July. At £43m related losses a week, I read, you can see why others pay out, which I guess they have not done.
 
egb_hibs said:
M&S now saying they will be impacted until July. At £43m related losses a week, I read, you can see why others pay out, which I guess they have not done.
Click to expand...
I’m told that the decision to pay or not pay isn’t theirs to make but is for the insurance company. Although if M&S don’t have insurance to cover such an eventuality then they’re pretty much fucked and could conceivably go bust due to the astronomical cost to their income.
 
Beagle said:
I’m told that the decision to pay or not pay isn’t theirs to make but is for the insurance company. Although if M&S don’t have insurance to cover such an eventuality then they’re pretty much fucked and could conceivably go bust due to the astronomical cost to their income.
Click to expand...
I should know this having had to wade through cyber insurance guff, but tbh I don't or have forgotten. However intuitively it seems to me that would make sense if the insurer was paying out. I don't see how they could stop M&S waiving the insurance and paying themselves ?
 
egb_hibs said:
M&S now saying they will be impacted until July. At £43m related losses a week, I read, you can see why others pay out, which I guess they have not done.
Click to expand...
Over £300m apparently according to BBC Radio 4 news.
I was in M&S food place on Princes Street getting stuff for my auld mum the other day. All seemed OK on that side however I think online shopping is still badly effected. On the other hand the CooP was also attacked. Deliveries have been badly effected. In my shop of choice, Scotmid on Ferry Road chilled meat, fish, chicken fridges depleted, not that it bothers me, however so are there usually extensive wine shelves and by fuck that does.

BIG G
 
GORDONSMITH7 said:
Over £300m apparently according to BBC Radio 4 news.
I was in M&S food place on Princes Street getting stuff for my auld mum the other day. All seemed OK on that side however I think online shopping is still badly effected. On the other hand the CooP was also attacked. Deliveries have been badly effected. In my shop of choice, Scotmid on Ferry Road chilled meat, fish, chicken fridges depleted, not that it bothers me, however so are there usually extensive wine shelves and by fuck that does.

BIG G
Click to expand...
I believe the coop guys handled it better; pulled the plug when they realised they were under attack. Big call but the right one.
 
You must log in or register to reply here.
  • Menu
  • Home
  • Hibs Chat
  • New Posts
  • Just Back
  • Chatroom