英国零售巨头Marks & Spencer(M&S)在复活节期间遭遇严重勒索软件攻击,导致部分门店空架、线上订单瘫痪,员工无法打卡,供应商被迫使用纸笔记录。黑客组织DragonForce在威胁邮件中声称从中国一路攻击至英国,加密所有服务器,并索要赎金。M&S关闭VPN以遏制攻击扩散,但每周损失约4000万英镑销售额,客户数据也被窃取,包括电话号码、地址和出生日期。M&S将此归咎于"人为错误",并怀疑涉及IT服务提供商TCS员工的操作失误。尽管公司否认缺乏应对计划,但此次事件凸显企业需加强网络安全防护措施,并评估现有防御系统的有效性,以防类似攻击再次发生。 2025-6-6 13:42:21 Author: www.bitdefender.com(查看原文) 阅读量:12 收藏
Over Easter, retail giant Marks & Spencer (M&S) discovered that it had suffered a highly damaging ransomware attack that left some shop shelves empty, shut down online ordering, some staff unable to clock in and out, and caused some of its major suppliers to resort to pen and paper.
In a gloating abuse-filled email to M&S CEO Stuart Machin, the DragonForce hacker group claimed responsibility for the attack.
According to a BBC News report, the message read in part:
"We have marched the ways from China all the way to the UK and have mercilessly raped your company and encrypted all the servers"
In a desperate attempt to contain the attack, M&S switched off the VPN used by staff to work remotely. Although this and other actions helped stop the attack from spreading, it also further disrupted the company's operations.
And there's no doubt that the impact of the ransomware attack on M&S's bottom line were significant: it has suffered approximately £40 million per week in lost sales.
And the attack wasn't just news for the retail giant and its suppliers. Last month, the company revealed for the first time that customer data had been stolen by the hackers - including telephone numbers, home addresses, and dates of birth.
M&S has blamed "human error" for the cyber attack, and fingers have been pointed in the direction of an employee of Tata Consultancy Services (TCS), which provides IT services to the retail giant.
Some have reported claims from insiders at M&S's head office that the company not have a proper plan in place for handling a ransomware incident, although the firm has officially disputed this saying it did have robust business continuity plans.
Whatever the truth, it's clear that more companies need to have put in place comprehensive tested plans on how to remediate a ransomware attack and other types of cybersecurity breach.
They would also be wise to evaluate carefully whether they are currently doing enough to defend their systems from a concerted attack by hackers - whether it arrives directly, or via a third-party supplier.
如有侵权请联系:admin#unsafe.sh