Swindon & Wiltshire News

arrow_back_ios Back View more articles
South West bosses and IT managers have been warned to be on their guard following devastating cyber attacks against high-profile British businesses including M&S, Co-op and Harrods.
  • Swindon & Wiltshire Tech
  • Thursday May 8 2025

South West cyber experts warn bosses to be on guard following retail attacks

South West bosses and IT managers have been warned to be on their guard following devastating cyber attacks against high-profile British businesses including M&S, Co-op and Harrods.

The South West Cyber Resilience Centre, a partnership of police and civilian experts, has issued a Critical Update, setting out how scammers tricked their way into the retailers’ systems.

“These incidents appear to involve criminals impersonating IT help desks to trick staff into revealing login credentials – a technique known as social engineering,” said Steve Shepherd, CEO of the South West Cyber Resilience Centre.

Other tactics have involved phoning IT desks pretending to be locked-out employees.

The criminals use fluent English and credible scenarios to gain trust, Steve warned.

A ‘ransomware-as-a-service’ group calling itself DragonForce – which allows hackers to use its software for a 20 per cent cut of any ransoms earned – has contacted the BBC to claim responsibility for recent breaches.

The ransomware attacks resemble those carried out by the Scattered Spider group, known for targeting senior staff to gain access to sensitive systems.

The South West Cyber Resilience Centre is recommending businesses take urgent steps to better defend themselves from cyber attacks, including:

  • Review your password reset procedures, especially for senior roles
  • Introduce internal codewords or other identity checks for staff requesting credential changes
  • Reinforce awareness among staff of social engineering tactics
  • Monitor for unusual login activity, such as logins at odd times or from unexpected locations

“This is a timely reminder that no organisation is too small to be a target – simple procedural improvements can make a huge difference in resilience,” said Steve.

M&S was the first business to be attacked, over the Easter weekend. The attack left its e-commerce operation in disarray. On April 30, Co-op was forced to pull the plug on some of its IT systems to contain an attack. And on May 1 Harrods confirmed it had shut off a number of systems to lessen the impact of an attack on its systems.

In the South West, more than 3,000 incidents of cybercrime were reported in 2024, leading to total financial losses of over £73 million.

The South West Cyber Resilience Centre offers free cyber security consultations to businesses.

Image via https://www.pexels.com/

Similar Articles

View more articles

Articles featuring - South West Cyber Resilience Centre

View more articles
Business Biscuit
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.