More M&S | Smart Thinking Solutions

When a major retailer suffers a cyber security incident it is going to make headline news… again and again. Here is today’s installment:

M&S cyber attack chaos leaves more questions than answers – BBC News

We can all learn something about improving our cyber security reponses whilst we watch M&S suffer!

Your Takeaway

Marks and Spencer has been keeping its stakeholders informed, but actually have been saying very little about the incident, whilst promising to bring their systems back online as soon as possible. Of course the official agencies working with them cannot comment on ongoing investigations. Quoting from Zoe Kleinman’s story above:

“As time goes on, though, the chorus of unanswered questions grows louder. Starting with, why is this taking so long?”

It is enevitable that a ransomware attack is being specualted about by various experts, as this type of attack does take more time to recover from, when compared to a lesser attack, software bug or glitch. BleepingComputer is reporting from various sources that the Scattered Spider ransomware group could be involved.

Marks & Spencer breach linked to Scattered Spider ransomware attack – BleepingComputer

If this is right, then customers should start to be concerned about their personal information they had entrusted to M&S. I will give you another quote from the article:

“Only M&S are able to tell us whether customers should be worried about their personal data,”

Communication with stakeholders is key during an incident if you want to avoid speculation.

Wednesday Update

It appears the attacks on online retail have spread:

Hackers target the Co-op as police probe M&S cyber attack – BBC News

There is no official word on the Co-op problems – other than their responses in taking some of their online systems down and apologising – but there is more speculation on the M&S attack:

“Experts have told the BBC they believe the cyber attack affecting M&S is a result of ransomware called DragonForce.” Tom Gerken BBC News

Is it time yet for the customers to think about their personal information?

More to follow…

Clive Catton MSc (Cyber Security) – by-line and other articles

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Your Takeaway

Wednesday Update

Further Reading