Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
UK authorities have arrested four individuals believed to be connected to the cyber attacks on UK retailers Marks & Spencer (M&S), Co-op, and Harrods.
The British National Crime Agency (NCA) said it had arrested three males – two of whom are aged 19 and one is 17 – and one female aged 20, who were suspected of breaching the Computer Misuse Act for money laundering, blackmail and participating in organised crime.
The suspected criminals were arrested at home and are being detained in London and the West Midlands of England after having their devices seized. They are currently being questioned by the NCA’s National Cyber Crime Unit as part of an investigation into the breach.
The cyber attacks on the retailers began in April when M&S suffered a data breach that led to it shutting down operations. At one point, the company said the financial losses caused were estimated to be roughly £300 million (over A$618 million).
A cyber attack on Co-op closely followed, which also led to system disruption and empty shelves in stores. However, thanks to a quick response, Co-op was less impacted. Famous retailer Harrods was the third victim.
Experts, media, and the organisations themselves attributed the cyber attack to either the DragonForce ransomware gang or the Scattered Spider hacking collective, after investigations determined that DragonForce malware was found on victim systems.
The NCA has said the attacks were orchestrated by “loosely aligned parties” working together under the leadership of DragonForce.
The Scattered Spider hacking collective has a tendency to target multiple victims within a single industry before moving on, and was believed to have begun targeting a number of US retailers after the UK attacks.
Most recently, experts have attributed a wave of cyber attacks on major airlines to the Scattered Spider hacking collective.
“Initial reports on Qantas’ cyber breach show many hallmarks of the Scattered Spider ransomware group, which claimed responsibility for attacks against America’s Hawaiian Airlines and Canada’s Westjet last week, and the crippling attack against Marks & Spencer in the UK in April,” Tony Jarvis, field chief information security officer and vice president APJ at Darktrace, told Cyber Daily.
“Scattered Spider are thought to be native English speakers who don’t just exploit technical vulnerabilities but manipulate people, especially IT help desks, through phishing, multifactor authentication (MFA) bombing, and SIM swapping to gain access.”
Be the first to hear the latest developments in the cyber industry.
