The Marks & Spencer cyber attack struck during a challenging period for CEO Stuart Machin. He was midway through the third year of an ambitious turnaround strategy for the business, having just awarded staff a 39% pay increase, costing £7.1 million. Despite the gusty headwinds facing the high street giant at the time of the attack, Machin demonstrated exemplary leadership, effectively navigating complex communications – particularly given the additional uncertainty of share price volatility.
Machin was directly emailed by the threat actor group DragonForce using a compromised employee’s account to demand ransom. This direct contact shows the attackers not only breached technical defences but also identified Machin as a key decision-maker.
Addressing him personally demonstrated their direct access channel, showing awareness of his role, interests, and charitable activities. This tactic accelerated the process, aiming to apply psychological pressure by leveraging his visibility and reputation. This highlighted how cybercriminals now exploit both technical and personal vulnerabilities, showing how it could also affect the wider business. But this is nothing new. Direct contact is now a routine part of ransomware negotiations, and private equity firms must be prepared for it.
Some useful tips to keep in mind:
- Never interact with threat actors without formal consideration and expert guidance; engaging without a clear strategy can have direct and damaging implications for your business.
- Never click on links or open attachments sent by attackers, as these can escalate the breach.
- Every response should be carefully considered, including the tone and language used, since even seemingly minor missteps can provoke or annoy threat actors, potentially worsening the situation.
- While these attackers may appear anonymous, they are people who can react and retaliate if they feel threatened.
- The lesson is clear: having a visible online profile makes you a potential target, whether directly or as part of a broader attack. While being online is essential, so is vigilance - especially during periods of heightened cyber threat. Partnering with specialists like Thomas Murray ensures you have the expertise and protection needed to navigate these risks confidently.
As cyber attacks become more sophisticated, organisations must prioritise robust cyber security solutions to safeguard their assets. We provide a holistic approach to mitigating risk, ensuring regulatory compliance, and safeguarding your data and systems. Our team of experts will help you proactively manage exposure, response quickly to incidents, and make informed decision to defend against cyber attacks. Learn more here.
Cyber Risk
We understand that protecting your business from evolving cyber threats is crucial for your success. Whether you need expert advice, a tailored cyber security solution, or immediate support, we’re here to help.
Insights
Recent Cyber Attacks on Australian Super Funds: A Wake-Up Call for Enhanced Cyber Security
Recent cyber attacks on Australia’s Super funds highlight the need for stronger security.
The Rising Threat: How Cyber Risk is Reshaping Operational Due Diligence Priorities
Cyber threats are reshaping operational due diligence. Learn how investors are adapting to evolving risks and protecting their portfolios.
The Value of Tabletop Exercises for Law Firms and their Clients
Law firms face unprecedented challenges in protecting both their own assets and their clients' sensitive information.
An EvilProxy deep dive: From Outlook to Teams, the £1m heist
A UK-based multinational professional services group narrowly avoided a £1M business email compromise after a patient adversary manipulated an existin
Contact our experts
