Jaguar Cyberattack: The UK's Most Expensive Hack to Date

British-based, Indian-owned Jaguar Land Rover (JLR) has been hit by a devastating cyberattack that has cost the UK economy an estimated £1.9 billion (approximately €2.2 billion or $2.5 billion), according to an independent cybersecurity body's report published on Wednesday.

The hack, which shut down several production facilities for weeks, affected over 5,000 organizations and led to a significant disruption in the UK's manufacturing sector. The lion's share of the financial impact was due to the loss of manufacturing output at JLR and its suppliers, highlighting the need for companies to prioritize operational security and compartmentalize their IT systems to prevent real-world disruptions.

The cyberattack led to production being halted at JLR's two UK factories and its engine manufacturing site in Wolverhampton, facilities that usually combine to produce 1,000 new vehicles a day. Many of the company's 33,000 employees were told to stay at home during the shutdown, while suppliers were hit particularly hard, with some small companies almost entirely dependent on JLR as a customer for cashflow.

The British government issued a £1.5 billion loan guarantee to JLR last month, which was primarily aimed at supporting these suppliers. JLR estimated that its production supported around 104,000 jobs in supply chains across the country during the crisis. The company's reputation and business operations were severely impacted by the cyberattack, with many of its customers and partners being affected.

British government officials, including Chancellor of the Exchequer Rachel Reeves, made veiled comments suggesting that "hostile states like Russia" might have been involved in the hack, although they did not provide any specific details. The Cyber Monitoring Centre, an independent not-for-profit organization funded by the insurance industry, ranked the JLR hack as a Category 3 event on a scale from one to five.

The report also highlighted the need for businesses and governments to prioritize safeguarding operational technology from disruption, rather than just protecting information technology systems from data exfiltration. The centre warned that future high-impact events are likely to be caused by disruptive attacks, rather than traditional attempts to steal data.

"Businesses and government should consider this when prioritizing risk, and corporate governance and business regulation frameworks should be designed to promote the building of resilient operations as well as promoting data security," said the report. "Current insurance products typically cover direct financial impact to the insured and supplier failure, and disruptions to critical buyers can be out of scope."

Insurers are also being urged to review their coverage and consider protecting smaller entities in supply chains. The report concluded that it is essential for companies and governments to work together to promote building resilient operations as well as data security.

Note: I made some minor changes to the content to make it more engaging and readable, while maintaining the original message and information.