Earning for Cyber -Napada in April 2025 UK retailers Marks & Spencer and Co -op were classified as a “single combined cyber”.
This is evaluated by the Cyber monitoring Center (CMC), an independent non-profit body based in the UK, created by the insurance industry for the classification of major cyber events.
“Given that one of the actors threatened has claimed responsibility for both M&S and co-op, close terms and similar tactics, methods and procedures (TTPS), CMC evaluated incidents as the only combined cyber picard, CMC and CMC – Note.
The organization classified retail violations as a “systemic category 2” event. It is estimated that safety violations will have a total financial impact of 270 million pounds ($ 363 million) up to £ 440 million ($ 592 million).
Though Cyber -taka on Harrods At about the same time, at this stage, it was not included, citing the lack of proper information about the cause and impact.
The initial access vector used in the attacks focused on Marks & Spencer, and the co-op that has been spinning around the use of social engineering tactics, particularly focused on IT assistance.
The CMC further noted that the attribution efforts are ongoing. In this regard, the notorious cybercriminatory group, known as a scattered spider (aka UNC3944), remains behind the invasion.
A group, an offshoot of a greater cybercrime community known as Com, has the results of the use of its English-speaking members to conduct advanced social engineering attacks, where they pretend to be members of the company’s IT department to gain unauthorized access.
“The influence of this event is” narrow and deep “, which has significant consequences for two companies, as well as effects for providers, partners and service providers,” the CMC said.
Earlier this week Google Group Group (Gtig) disclosed This scattered web actors began to focus on large insurance companies in the US.
“Given the history of this actor, focusing on the sector at a time, the insurance industry should be more, especially for social engineering schemes that focus on their help and count centers,” said John Hultckvist, Gtig chief analyst.
“The expected threat Iranian Cyber is a duty for American organizations Recently, it has been the focus of many discussions, but these subjects have already focused on important infrastructure. We expect more high -profile incidents in the near future when they move from the sector to the sector. “
Development occurs as Indian Consulting Giant Tata Consultancy Services (TCS) disclosed that its systems or users have not been broken as part of the attack on Marks & Spencer. Last month Financial Times report What TCS is there inspection Whether its systems were used as a launch pad for the attack.
It also follows from the new Qiilin Ransomware Operation Strategy, which include Offering legal assistance to increase pressure during the purchase talks. Threatening actors also claim that they have their own team of journalists who can work with the legal department to create blog posts and assist in the victim negotiations.
