Unlock the Editor’s Digest for free
Roula Khalaf, Editor of the FT, selects her favourite stories in this weekly newsletter.
Marks and Spencer enlisted the help of the US FBI agency after a sustained cyber attack, the British retailer’s chair told a parliamentary select committee.
Archie Norman told the cross-party business committee on Tuesday that the retail chain “had an exchange with the FBI, who were very supportive” as they are “more muscled up in the zone”. The retailer has also been working with the UK’s National Crime Agency and the National Cyber Security Centre (NCSC) since the attack.
The M&S chair was giving evidence in the wake of a devastating cyber attack on the retailer that is expected to cost it up to £300mn in operating profits this year and at the time wiped £600mn off its market capitalisation. Norman faced the select committee alongside the Co-op, another retailer recently blighted by hackers, as part of a wider enquiry into the impact of cyber attacks on various organisations.
Norman publicly confirmed for the first time that M&S believed that Dragon Force, a group of largely Russian-speaking cyber criminals, was behind the attack, which left the retailer unable to sell clothes and furniture online for seven weeks. The group provides ransomware tools to other criminal gangs including Scattered Spider, which has also been linked to the M&S attack.
“When this happens, you don’t know who the attacker is,” Norman told the committee. “They never send you a letter signed Scattered Spider”.
Norman separately called on the government to make reporting on “major” cyber attacks mandatory.
“It is apparent to us that quite a large number of cyber attacks never get reported to the NCSC and we have reason to believe that two major cyber attacks in the last four months have gone unreported. We think that’s a big deficit in our knowledge as to what is happening.
“It’s not an overstatement to describe [the attack] as traumatic, we’re still in rebuild mode [of our systems] and we will be for some time to come,” he told MPs, adding that M&S would be working until October or November to replace or rebuild some of these, although it would not impact shoppers. “It’s like an out-of-body experience.”