Cyber attacks on retailers expose critical supply chain security gaps
The recent arrests of four suspects linked to cyber attacks on major UK retailers like Marks and Spencer, Co-op and Harrods serve as a stark reminder of how vulnerable today’s supply chains truly are.
These attacks, which caused massive disruption earlier this year and reportedly cost M&S alone around £300 million in damages, highlight a disturbing trend in the cybersecurity landscape. Threat actors are no longer simply going after individual organizations.
They are targeting interconnected networks, exploiting trust within supply chains and leveraging the weakest link to gain access to critical systems.
These kinds of attacks have become increasingly common, not solely because of the rapid technological advancement of threat actors’ tools, but because, put simply, they work.
When an attacker compromises a third-party vendor, whether that third-party is a Fortune 500 company or a small supplier, they can often bypass the traditional defenses of their actual target by using legitimate credentials or disguising their activity as that of a trusted entity.
Once inside the digital environment of their actual target, they move laterally, deploying ransomware or exfiltrating sensitive data before an in-house IT or security team realizes what’s happening.The evolving threat landscape
In the case of the attacks on UK retailers, authorities believe a group associated with the cyber gang, Scattered Spider, was behind the attack. They used impersonation and social engineering to breach third-party systems, eventually gaining access to the larger supermarket networks.
