Marks & Spencer Believes DragonForce Behind Ransomware Attack

British retailer Marks & Spencer (M&S) has come forward with a shocking revelation about the masterminds behind the devastating cyberattack that crippled its online shopping platform for nearly seven weeks in April. In a stunning admission to politicians on the UK parliament's Business and Trade Committee, M&S Chairman Archie Norman revealed that he believes the attack was orchestrated by a group called "DragonForce", a notorious ransomware operation based in Asia.

"Loosely aligned parties" worked together on the cyberattack, with Norman explaining that there was an instigator of the attack, followed by DragonForce, who were believed to be the ones deploying the ransomware. This revelation comes as no surprise, given reports from earlier this year that a hacking collective known as Scattered Spider had been linked to the attack. However, Norman pointed out that one common trait among attackers - they rarely leave behind a letter signed with their name or group's name.

"When this happens, you don't know who the attacker is, and in fact, they never send you a letter signed Scattered Spider," said Norman. This lack of communication with the victim can make it difficult to track down the attackers, leaving retailers and other organizations vulnerable to attack.

M&S was severely impacted by the cyberattack, which forced the retailer to suspend online shopping for nearly seven weeks. The attack not only disrupted the company's operations but also had significant financial implications. As part of its management of the cyberattack, M&S stopped taking online clothing orders and took other systems offline, resulting in reduced food availability, higher waste, and logistics costs.

The attack is estimated to have cost M&S around £300m in lost operating profit, a staggering sum that highlights the severity of the breach. The company resumed taking online orders for clothing lines on June 10 after a 46-day suspension but has yet to restore click and collect services. CEO Stuart Machin recently told investors that the group is expected to be over the worst of the fallout from the attack by August.

In light of this revelation, M&S has shed new light on the tactics employed by cyberattackers like DragonForce. While the company may have been able to restore its online shopping platform, the incident serves as a stark reminder of the ever-evolving threat landscape and the importance of robust cybersecurity measures for businesses.