This article is from the source 'bbc'.
You can find the current article at its original source at https://www.bbc.com/news/articles/cg72kg5yn2ko
The article has changed 4 times.
Version 2 | Version 3 |
---|---|
'They wanted $4m': Lessons for M&S from other cyber attacks | 'They wanted $4m': Lessons for M&S from other cyber attacks |
(31 minutes later) | |
As Marks & Spencer - and its customers - continue to reel from a major cyber attack, other people who have gone through similar experiences have been sharing what it is like to be targeted by hackers. | As Marks & Spencer - and its customers - continue to reel from a major cyber attack, other people who have gone through similar experiences have been sharing what it is like to be targeted by hackers. |
"It was an absolute nightmare," says Sir Dan Moynihan. He runs the Harris Federation, a group of 55 schools in the London and Essex area. | "It was an absolute nightmare," says Sir Dan Moynihan. He runs the Harris Federation, a group of 55 schools in the London and Essex area. |
Sir Dan told the BBC how it was hacked four years ago by the Russian ransomware crime group REvil. | |
"Their purpose was to blackmail us into paying $4m (£3m) in cryptocurrency within 10 days," he said. | "Their purpose was to blackmail us into paying $4m (£3m) in cryptocurrency within 10 days," he said. |
"If we didn't pay in 10 days, they wanted $8m." | "If we didn't pay in 10 days, they wanted $8m." |
The hack caused chaos. The finances of the school group were hit, with staff and bills left unpaid. | The hack caused chaos. The finances of the school group were hit, with staff and bills left unpaid. |
Sir Dan said the group lost teaching materials, lesson plans and registration systems. | Sir Dan said the group lost teaching materials, lesson plans and registration systems. |
Even medical records and fire and phone systems were affected. | |
Sir Dan Moynihan said it took the Harris school group months to fix their systems after they were hacked | Sir Dan Moynihan said it took the Harris school group months to fix their systems after they were hacked |
Delay and don't pay | Delay and don't pay |
M&S has also been targeted with ransomware - malicious software which locks an owner out of their computer or network and scrambles their data. | M&S has also been targeted with ransomware - malicious software which locks an owner out of their computer or network and scrambles their data. |
Typically the criminals who use it then demand a fee to unlock those systems. Sir Dan says it was a demand he resisted. | |
Instead, the school group approached a firm of cyber specialists who employed a hostage negotiator. That individual then took on the role of an inexperienced school bursar - an administrator - who pretended to not know what was going on. | Instead, the school group approached a firm of cyber specialists who employed a hostage negotiator. That individual then took on the role of an inexperienced school bursar - an administrator - who pretended to not know what was going on. |
They took up negotiations with the hackers, with the purpose of delaying them for as long as possible so the school group could rebuild its systems. | They took up negotiations with the hackers, with the purpose of delaying them for as long as possible so the school group could rebuild its systems. |
Speaking to BBC Radio 4's Today programme, Sir Dan said: "The Russians had stolen data from us - they didn't tell us what - and they threatened to put this stuff up on the dark web and cause us great embarrassment, and secondly they would lock down our systems." | |
He said it took the group three months to get everything working again, at the cost of £750,000. Among the work was 30,000 devices that needed to be "cleaned" following the hack. | |
Was there ever a question of giving the criminals what they wanted? Never, said the school group boss. | Was there ever a question of giving the criminals what they wanted? Never, said the school group boss. |
"The money we have is for disadvantaged young people, and secondly had we paid we would have opened the door for other school groups to be attacked." | "The money we have is for disadvantaged young people, and secondly had we paid we would have opened the door for other school groups to be attacked." |
The personal cost | The personal cost |
Wedding dress designer Catherine Deane says that dealing with Meta was "almost traumatising" | Wedding dress designer Catherine Deane says that dealing with Meta was "almost traumatising" |
The experience of being hacked can be a difficult one for individuals caught in the disruption. | The experience of being hacked can be a difficult one for individuals caught in the disruption. |
Wedding dress designer Catherine Deane said it was "devastating" when her company's Instagram account was hacked. | Wedding dress designer Catherine Deane said it was "devastating" when her company's Instagram account was hacked. |
"It felt like the rug had been pulled from under us. Instagram is our primary social platform, and we've invested the most amount of time and business resources into it. | "It felt like the rug had been pulled from under us. Instagram is our primary social platform, and we've invested the most amount of time and business resources into it. |
"To keep the account current we post content every day. Suddenly all this work… it was just pulled." | "To keep the account current we post content every day. Suddenly all this work… it was just pulled." |
She told the BBC last month of the difficulty of fixing the problem with Meta, the owner of Instagram, describing that experience as "almost traumatising". | She told the BBC last month of the difficulty of fixing the problem with Meta, the owner of Instagram, describing that experience as "almost traumatising". |
In June last year, staff at hospitals in London told of how they were left grappling with the aftermath of a cyber attack that led to many hours of extra work for their staff. | In June last year, staff at hospitals in London told of how they were left grappling with the aftermath of a cyber attack that led to many hours of extra work for their staff. |
A critical incident was declared after the ransomware attack targeted the services provided by pathology firm Synnovis. | A critical incident was declared after the ransomware attack targeted the services provided by pathology firm Synnovis. |
Services including blood transfusions were severely disrupted at Guy's and St Thomas' Hospital and King's College Hospital (KCH). | Services including blood transfusions were severely disrupted at Guy's and St Thomas' Hospital and King's College Hospital (KCH). |
Dr Anneliese Rigby, a consultant anaesthetist at KCH, told the BBC at the time: "So what the labs are having to do is receive the blood sample, manually process that, which is a long, time-consuming process requiring a lot of staff which we don't have so we're having to get extra people to help with that." | Dr Anneliese Rigby, a consultant anaesthetist at KCH, told the BBC at the time: "So what the labs are having to do is receive the blood sample, manually process that, which is a long, time-consuming process requiring a lot of staff which we don't have so we're having to get extra people to help with that." |
'Like going back in time' | |
M&S has only issued limited information in its official statements, and has not put anyone up for interview. | |
However, people claiming to work for the retailer have given a sense of the chaos on social media. | |
On Reddit, users who identified themselves as M&S workers, something the BBC has not verified, described the impact of the cyber attack. | |
One wrote that most internal systems had been affected and that there had been experiments with "resuming operations manually with paper and pen". | |
Another poster said head office staff were working weekends, and that the problems were "like going back in time". | |
While some reported shortfalls in goods coming in, others described oversupply of some items, which meant food went to waste. | |
What is clear is other companies are watching what's happening closely, even more so since another retailer, the Co-op, shut down some of its IT systems this week in response to a separate cyber attack. | |
"We're patching like mad," is what one retailer told the BBC. | |
In other words, they are making sure every part of the system has the most up-to-date software and protections. | |
Sir Charlie Mayfield, the former chairman of John Lewis, said other firms understood only too well how vulnerable they were. | |
"Online shopping has completely transformed retail - as technology becomes more pervasive, the risk of this kind of attack rises with it," he told the BBC. | |
According to the cyber security breaches survey, conducted by the UK government, 74% of large businesses said they were targeted with cyber attacks last year. | |
It seems likely there will still be many difficult days ahead for M&S. | It seems likely there will still be many difficult days ahead for M&S. |
Additional reporting by Zoe Kleinman, Chris Vallance, Joe Tidy and Tom Gerken | Additional reporting by Zoe Kleinman, Chris Vallance, Joe Tidy and Tom Gerken |