As Marks & Spencer (M&S) - and its customers - continue to reel from a major cyber attack, other people who have gone through similar experiences have been sharing what it is like to be targeted by hackers. "It was an absolute nightmare", says Sir Dan Moynihan. He is the Senior Executive Principal and Chief Executive of the Harris Federation, a group of 55 schools in the London and Essex area. It was hacked in 2021 - Sir Dantold the Today programme, on BBC Radio 4, that the culprits were the Russian ransomware crime group REvil. "Their purpose was to blackmail us into paying four million dollars in cryptocurrency within ten days," he said. "If we didn't pay in ten days, they wanted eight million." The hack caused chaos. Sir Dan said the group lost teaching materials, lesson plans and registration systems. More importantly, they also lost medical records and even the fire and phone systems were affected. The finances of the school group were hit. Staff, and bills, were left unpaid. M&S has also been targeted with ransomware - malicious software which locks an owner out of their computer or network and scrambles their data. The criminals then demand a fee to unlock it. Sir Dan says it was a demand he resisted. Instead, the school group approached a firm of cyber specialists who employed a hostage negotiator. That individual then took on the role of an inexperienced school bursar - an administrator - who pretended to not know what was going on. They took up negotiations with the hackers, with the purpose of delaying them for as long as possible so the school group could rebuild its systems. "The Russians had stolen data from us - they didn't tell us what - and they threatened to put this stuff up on the dark web and cause us great embarrassment, and secondly they would lock down our systems." Sir Dan said it took the Harris Federation three months to get everything working again, at the cost of £750,000. Among the work was 30,000 devices that needed to be "cleaned" following the hack. Was there ever a question of giving the criminals what they wanted? Never, said the school group boss. "The money we have is for disadvantaged young people, and secondly had we paid we would have opened the door for other school groups to be attacked." It is not known whether similar scenes are playing out behind the scenes at M&S, as the company has only issued limited information in its official statements, and has not put anyone up for interview. But people claiming to work for the retailer have given a sense of the chaos on social media. On Reddit, users who identified themselves as M&S workers, something the BBC has not verified, described the impact of the cyber attack One wrote that most internal systems had been affected and that there had been experiments with "resuming operations manually with paper and pen". Another poster said head office staff were working weekends, and that the problems were "like going back in time". While some reported shortfalls in goods coming in, others described oversupply of some items, which meant food went to waste - with one saying they had to pour away multiple pints of milk. What is clear is other companies are watching what's happening closely, even more so since another retailer, the Co-op, shut down some of its IT systems this weekin response to a separate cyber attack. "We're patching like mad," is what one retailer told the BBC. In other words, they are making sure every part of system has the most up-to-date software and protections. Sir Charlie Mayfield, the former chairman of John Lewis, said other firms understood only too well how vulnerable they were. "Online shopping has completely transformed retail - as technology becomes more pervasive, the risk of this kind of attack rises with it," he told the BBC. According to the cyber security breaches survey, conducted by the UK government, 74% of large businesses said they were targeted with cyber attacks last year. The experience of being hacked can be a difficult one for individuals caught in the disruption. Wedding dress designer Catherine Deane said it was "devastating" when her company's Instagram account was hacked. "It felt like the rug had been pulled from under us. Instagram is our primary social platform, and we've invested the most amount of time and business resources into it. "To keep the account current we post content every day. Suddenly all this work… it was just pulled." She told the BBC last monthof the difficulty of fixing the problem with Meta, the owner of Instagram, describing that expereince as "almost traumatising". In June last year, staff at hospitals in London told of how they were left grappling with the aftermath of a cyber attack that led to many hours of extra work for their staff. A critical incident was declared after the ransomware attack targeted the services provided by pathology firm Synnovis. Services including blood transfusions were severely disrupted at Guy's and St Thomas' Hospital and King's College Hospital (KCH). Dr Anneliese Rigby, a consultant anaesthetist at KCH,told the BBC: "So what the labs are having to do is receive the blood sample, manually process that, which is a long, time-consuming process requiring a lot of staff which we don't have so we're having to get extra people to help with that." It seems likely there will still be many difficult days ahead of M&S. Additional reporting by Zoe Kleinman, Chris Vallance, Joe Tidy and Tom Gerken Sign up for our Tech Decoded newsletterto follow the world's top tech stories and trends.Outside the UK? Sign up here.
'They wanted $4m': Lessons for M&S from other cyber attacks
TruthLens AI Suggested Headline:
"Marks & Spencer Faces Cyber Attack Amid Insights from Previous Incidents"
Bbc News
6.8
TruthLens AI Summary
Marks & Spencer (M&S) is currently grappling with the aftermath of a significant cyber attack, which has drawn parallels to the experiences of other organizations that have faced similar threats. Sir Dan Moynihan, Chief Executive of the Harris Federation, shared his own harrowing experience with a ransomware attack in 2021, orchestrated by the Russian group REvil. This attack resulted in a demand for a ransom of four million dollars in cryptocurrency, leading to severe disruptions across the school group's operations. Critical systems, including teaching materials, medical records, and financial management, were compromised, resulting in a long recovery process that incurred costs of approximately £750,000. Moynihan emphasized the importance of not succumbing to ransom demands, stating that their financial resources were intended for disadvantaged students and that paying the ransom would have potentially endangered other educational institutions by setting a precedent for future attacks.
As M&S navigates the chaos created by the cyber attack, details of the disruption have emerged from individuals claiming to be employees of the company. Reports indicate significant challenges in maintaining operations, with some staff resorting to manual processes reminiscent of earlier times. There have been mixed reports regarding inventory management, with some items in short supply while others have led to waste due to oversupply. Other retailers are closely monitoring M&S's situation, especially following a separate cyber incident affecting the Co-op. The increasing frequency of cyber attacks is a growing concern, as highlighted by recent statistics indicating that 74% of large businesses in the UK experienced targeted attacks last year. The cumulative experiences of various sectors, including healthcare and retail, underscore the urgent need for enhanced cyber security measures and the resilience required to recover from such incidents. As organizations continue to adapt to the realities of cyber threats, the lessons learned from M&S and others will be critical in shaping future strategies for protection and recovery.
TruthLens AI Analysis
The article provides a detailed account of the recent cyber attack on Marks & Spencer (M&S), drawing parallels to previous experiences faced by other organizations, particularly the Harris Federation. By sharing real-life consequences and coping strategies from these incidents, the piece aims to highlight the severity of cyber threats and the importance of preparedness in addressing such challenges.
Intent of the Article
One of the primary intentions behind this article appears to be raising awareness about the vulnerabilities organizations face from cyber attacks. By including a personal testimony from Sir Dan Moynihan of the Harris Federation, the article emphasizes the chaos and financial repercussions that can ensue from a ransomware attack. This serves to alert M&S's customers and other businesses about the potential risks and the dire need for robust cybersecurity measures.
Public Perception
The article seeks to foster a sense of urgency regarding cybersecurity. By detailing the traumatic effects of the Harris Federation's experience, it aims to create a perception that organizations, including M&S, must take such threats seriously. It could also evoke sympathy for those affected, portraying them as victims of sophisticated cybercriminals.
Information Omission
While the article is informative, it may omit discussions on the broader context of cybercrime, such as the geopolitical implications of ransomware attacks or the specific measures M&S is already taking to counteract these threats. This might lead to a somewhat skewed understanding of the situation by focusing primarily on the negative outcomes without addressing potential mitigations already in place.
Manipulative Elements
The inclusion of dramatic phrases and personal anecdotes may enhance the emotional impact of the article, which could be seen as manipulative. The focus on fear—such as the threat of sensitive data being released—could be used to drive home the point that cybersecurity should be a priority for all organizations.
Trustworthiness of the Article
The article appears to be fairly reliable in its recounting of events and the expert opinions presented. However, the reliance on anecdotal evidence from a singular source could limit its overall credibility. The absence of diverse perspectives, including insights from cybersecurity experts or M&S representatives, may hinder a comprehensive understanding of the issue.
Societal Impact
The reporting on M&S's cyber attack could have several broader implications, including increased public scrutiny of corporate cybersecurity practices. Companies may face pressure to improve their defenses, potentially leading to an increase in cybersecurity investments. This trend could also result in heightened awareness among consumers regarding data privacy and security.
Target Audience
This article seems to resonate with a wide audience, particularly business leaders, IT professionals, and consumers concerned about data security. By highlighting personal narratives, it may also appeal to those who empathize with the struggles faced by organizations in the wake of cyber threats.
Market Influence
In terms of market implications, this article could influence stock prices for companies involved in cybersecurity. M&S might experience a temporary dip in consumer confidence, impacting sales and share prices. Conversely, cybersecurity firms may see a boost in interest and investment as organizations look to fortify their defenses against similar attacks.
Geopolitical Relevance
The article touches on the involvement of Russian cybercriminals, which ties into broader discussions regarding international cybersecurity policies and the need for global cooperation to combat cyber threats. Given the current geopolitical climate, this is a pertinent issue.
Use of AI in Article Composition
It is plausible that AI could have played a role in drafting or editing this article, particularly in structuring the narrative and ensuring clarity. AI models focusing on natural language processing might have influenced the article’s tone, making it more engaging. However, the depth of personal anecdote suggests that human input was essential in conveying emotional weight.
In conclusion, while the article effectively raises awareness about cybersecurity threats, it may also lean towards an emotional appeal that could be interpreted as manipulative. The narrative focuses on the urgent need for organizations like M&S to prioritize cybersecurity, likely aiming to influence both corporate practices and public perception.