Digital extortionists threaten British business headquarters with ransom demands

Digital extortionists threaten British business headquarters with ransom demands

Cyber attacks have been striking Marks & Spencer, Co-op, and Harrods, but the threat isn't exclusive to retailers. Hackers can invade almost any firm, in any industry, at any time, anywhere in the world. And it's a chilling truth that business leaders, along with investors, live in dread of being the next victim.

Over the last five years, UK companies have suffered a whopping £44 billion in lost revenue due to these digital assaults, with 52% of businesses falling prey to them, says insurance broker Howden. They've even brought in former hostage negotiators, who specialize in dealing with blackmailers and terrorists, to help steer clear of the danger.

Some companies have resorted to making ransom payments, fuelling concerns that insurance policies offering such cover encourage criminal activities. These devious hackers often find their way in through chinks in a company's cyber defense, such as the IT systems of a supplier.

The hacking gang known as DragonForce declared responsibility for the attacks on M&S, Co-op, and Harrods. Experts weigh in, suggesting they bear the hallmarks of a group called Scattered Spider – a band of teenage blackmailers. Whatever the identity of the criminals, they launched their destructive onslaught over the Easter bank holiday.

Top brass at M&S are unlikely to shell out a ransom if a demand is made, typically settled via the dark web using cryptocurrency. The retailer's ordeal, now in its third week, is a textbook example of a "ransomware" attack – data systems are infiltrated, disabled, and unfrozen only when a ransom is paid.

Related Articles

• Previous
• 1
• Next
• The Reality Check of the M&S Hack and the Implications It May Have...
• M&S Share Price under Pressure as Digital Chaos Continues into Second...

Share this Article

HOW THIS IS MONEY CAN HELP

• Tips to Secure Your Investments: Learn about diversification, asset allocation, and risk management strategies for your investments.

The harm inflicted on M&S is evident for all to see. Shelves are bare, customers can't place orders through the website and app, warehouse staff have been sent home, and the retailer's popular click-and-collect service remains suspended. Even recruitment has come to a halt as concerns grow that the digital crisis could drag on for months.

There are concerns that working from home could be a risk factor. According to M&S's latest annual report, "The sophistication and frequency of cyber-attacks continue to rise" as the company operates "a hybrid work model." Outsourcing IT by relying on contractors is also a concern, with M&S admitting that it relies on third-party controls for certain services.

In November last year, Co-op's rival Morrisons was targeted by hackers who focused on the warehouse technology supplier, Blue Yonder. The NHS, the Guardian newspaper, and the British Library have also fallen victim to ransomware attacks, causing temporary disruptions to their systems.

In some instances, the damage is fatal. Foreign exchange firm Travelex collapsed six months after a ransomware strike at the end of 2019. Administrators cited the assault as a primary factor.

One executive, George Weston, chairman of Primark owner Associated British Foods, warns that cybercrime is a threat "you're never fully on top of, no matter how hard you work at it." Barclays CEO CS Venkatakrishnan echoes this sentiment, stating that the bank spends "a lot of time, attention, and money" on cyber security efforts.

At Lloyds, finance chief William Chalmers confirmed that the bank has invested hundreds of millions of pounds into cybersecurity measures. The magnitude of the threat to businesses has been laid bare in a recent government report, stating, "For the serious and organized crime gangs behind the global fraud industry, ransomware is an increasingly lucrative part of their operations."

Ransomware attacks on UK firms "significantly increased between 2024 and 2025," the report added, with an estimated 19,000 companies falling victim to such attacks during this period. The National Cyber Security Centre reveals that 76% of UK businesses experienced a cybersecurity incident in the past year.

Most were low-level "phishing" attacks, where fake emails or websites are used to gain access to a user's password or bank details to plunder cash. Smaller firms are not immune to danger, often appearing as a softer target.

One critical question arises: Are companies hiring enough board directors with expertise in this field? Most chairmen and CEOs are in their 50s or older, significantly older than the teenage hackers who grew up online. If anything, boardrooms seem to have become weaker in this respect.

In 2021, nearly 40% of company boards had a director with specific responsibility for cyber security. Sadly, this has fallen sharply to just over a quarter. Oli Buckley, professor in cybersecurity at Loughborough University, deems this situation unsatisfactory.

"Ultimately, the buck stops with the chief executive and the board," he added. "Boards don't need to become experts in the technical minutiae, such as firewalls or encryption, but they do need to be actively engaged, ask the right questions, and ensure the right structures are in place."

The cost of ransomware attacks has led to the growth of cyber insurance policies. These policies typically cover business interruption losses during an attack and the cost of restoring IT systems afterward. They also pay for ransom-related costs such as negotiation or legal fees, and in some cases, even the ransom itself, up to a set limit.

"Most of our members offer cover where they will reimburse the payment of a ransomware demand," said Chris Mather, an underwriter at the Lloyd's Market Association. "Ransomware claims make up a big chunk of overall cyber claims. It's a very popular cover." However, payouts are only made after sanctions and financial crime checks have been carried out.

"Payments can't be reimbursed that have been made to prescribed individuals or entities such as terrorists," said Mather. For investors, cybersecurity is a key concern, as significant digital disruptions can have a significant impact on share prices.

1. Hackers have increasingly targeted the finance industry, with businesses like M&S, Co-op, and Harrods experiencing cyber attacks that can disrupt their stocks, pensions, and online services.
2. Part of the finance sector's concern over cyber attacks is the potential impact on cryptocurrency, as some ransom demands are settled through such digital currencies.
3. Alongside the finance sector, the business world has been impacted, with technology companies like Barclays also investing heavily in cybersecurity to protect against these threats.
4. In the face of these cyber threats, there is an increased demand for insurance coverage against ransomware attacks, as seen in the growth of dedicated cyber insurance policies.
5. Some companies have resorted to paying ransoms when faced with ransomware attacks, fueling concerns that such insurance policies may encourage such criminal activities.
6. Cybersecurity is a critical concern for investors, as significant digital disruptions can have a substantial impact on share prices, as exemplified by the ongoing M&S hack.
7. The knowledge gap between the age of cybercriminals and boardroom executives raises questions about the adequacy of boardroom cybersecurity expertise, with some experts suggesting a need for more directors with relevant experience in this field.

Read also: