Gareth Mott comments on the Jaguar Land Rover cyber incident

The UK's largest automotive employer has entered its fifth day of severely disrupted business operations due to a cyber breach.

Current media reports suggest that the breach is a ransomware attack. The attack may have involved a collaboration between Scattered Spider, ShinyHunters and Lapsus$. The coming days and weeks are likely to be extremely high-pressure for the company as its IT staff, non-IT staff and third parties try to remediate impacted systems, assess potential data exposure and push to resume business-as-usual. The impact of such cyber breaches can be measured through the metrics of lost production and delayed deliveries. However, there is also a personal human cost to ransomware, affecting staff, customers, and suppliers.

If reports are accurate, the ‘consortium’ perpetration of this attack corroborates warnings from the NCA earlier this year. The recent prominence of attackers who are fluent in English language and familiar with British brands and corporate culture must be of distinct concern, particularly given the increased risk that UK assets may be preferentially targeted.

View our research on Cybercrime and Ransomware