Skip to main content
What can we learn from the M&S Cyber attack?

The recent cyber attack on Marks and Spencer (M&S) has highlighted the critical need for robust cybersecurity measures in today's digital landscape. The attack, which has been linked to the Scattered Spider group, has caused significant disruption to M&S's operations, leading to millions being wiped off their share price and potential fines from the Information Commissioner's Office (ICO). This incident serves as a stark reminder of the vulnerabilities that businesses face and underscores the importance of proactive cybersecurity strategies.

The Attack and Its Impact

The cyber attack on M&S first came to light over the Easter weekend, but reports suggest that the hackers had breached the company's systems as early as February. This prolonged period of undetected access allowed the attackers to cause extensive damage, affecting online purchases, gift card transactions, and even the availability of products in stores. The financial impact has been severe, with M&S losing millions of pounds each day as they struggle to recover from the attack.

Key Lessons Learned

Everyone is a Target: Undoubtedly, M&S were targeted in this attack but that should not give smaller businesses any comfort as if they can be hacked, with their IT budget – where does that leave everyone else? Most cyber attacks are not targeted - the victims make themselves the target by clicking a bad link, overlooking critical vulnerabilities or using recycled passwords and outdated software.

Early Detection and Response: One of the most critical lessons from the M&S attack is the importance of early detection and rapid response. The fact that the hackers were able to remain undetected for several months highlights the need for continuous monitoring and advanced threat detection capabilities. This is where services like Pro-Networks' 24x7 Endpoint Managed Detection and Response (MDR) can make a significant difference. With round-the-clock monitoring and advanced threat detection, MDR ensures that potential threats are quickly identified and neutralised, preventing them from causing extensive damage.

Comprehensive Identity Protection: The M&S incident also underscores the importance of protecting identities within an organisation. Hackers often gain access to systems through compromised credentials, making it essential to have robust identity protection measures in place. Pro-Networks' Identity Threat Detection and Response (ITDR) service provides continuous visibility and expert monitoring of your identity attack surface. By proactively detecting and responding to threats such as session hijacking, privilege escalation, and credential theft, ITDR helps prevent unauthorised access and protects your business-critical assets.

Effective Incident Management: When a cyber attack occurs, having an effective incident management process is crucial. Pro-Networks' MDR service includes a Threat Containment and Elimination process, which ensures that attackers are swiftly removed from your systems. Incident reports detailing how the attack happened and what was done to remediate it provide valuable insights for preventing future incidents.

Simplified Security Information and Event Management (SIEM): Managing the vast amounts of data generated by security systems can be challenging. Pro-Networks' SIEM service simplifies this process by offering 24x7 monitoring and end-to-end management. Their Smart Filtering technology captures only the data that matters, making it easier to identify real threats without being overwhelmed by noise. This streamlined approach not only enhances security but also makes compliance with regulatory requirements more manageable.

The Business Armour Advantage

The Business Armour range of products from Pro-Networks offers comprehensive cybersecurity solutions that address the key lessons learned from the M&S attack. By leveraging MDR, ITDR, and SIEM services, businesses can significantly enhance their security posture and protect themselves from similar incidents.

  • MDR: Provides continuous monitoring and rapid response to threats found on hardware, ensuring early detection and neutralisation of potential attacks.
  • ITDR: Offers comprehensive visibility and proactive protection of your identity attack surface, usually within your Micrsoft 365 environment, preventing unauthorised access and safeguarding critical assets.
  • SIEM: Simplifies the management of security data, including network traffic logs, enabling effective threat detection and elimitation and compliance with regulatory requirements.

Conclusion

The cyber attack on Marks and Spencer serves as a wake-up call for businesses to take cybersecurity seriously. By implementing robust security measures and leveraging advanced services like those offered by Pro-Networks, organisations can protect themselves from the devastating impacts of cyber attacks. Now is the time to invest in comprehensive cybersecurity solutions and ensure that your business is prepared to defend against the ever-evolving threat landscape.

To find out more how Business Armour can protect your business please click here.
 

Blog Category

x

 

To speak to an engineer call

01244 535527

Start a remote support session by clicking the button below.

Remote Support

Login to the Helpdesk by clicking the following button.

Helpdesk Login