Peter Green Chilled, a UK-based logistics firm working with major retailers Tesco, Aldi, and Sainsbury’s, had some of its systems encrypted, not a month after the devastating cyberattack on Marks & Spencer.
Threat actors disrupted the logistics on Wednesday, after encrypting the company’s data and disrupting its operations, the BBC reported. According to an email from Peter Green Chilled, seen by journalists, the company was dealing with a ransomware attack.
Ransomware gangs infiltrate company systems, encrypt the data, and demand ransom in exchange for a decryption key. Operational disruptions are particularly sensitive to logistics companies, as delivery delays can severely impact the overall supply chain.
We have reached out to Peter Green Chilled for more details and will update the article once we receive a reply.
Ransomware attacks similar to this one can severely impact companies such as Peter Green Chilled, Aras Nazarovas, Information security researcher at Cybernews, observed.
“Attacks like these can cripple companies to a point where they might be temporarily unable to provide services to household name brands. In cases such as this one, it could lead to temporary shortages of specific products in supermarkets,” Nazarovas explained.
Meanwhile, Chris Dimitriadis, the Chief global strategy officer at ISACA, a professional association and learning organization for information security, believes the attack marks a worrying trend.
“Cybercriminals aren’t just targeting big names or critical infrastructure; they’re hitting the supply chain, where the knock-on effects can be just as serious. Disrupted deliveries, wasted stock, and financial losses all have real-world consequences,” Dimitriadis said.
UK retailers under attack
Retailer hacks have been making the UK headlines recently, after hackers breached retailers Marks & Spencer (M&S), Harrods, and Co-op. M&S was hit particularly hard, with the company still struggling to fully restore its systems nearly a month after the attack.
According to Reuters, the attack on M&S has likely already cost it over 60 million pounds ($80 million) in lost profit. It has also wiped out over 1 billion pounds from M&S' stock market value, the outlet noted.
Experts believe threat actors behind the M&S attack gained access to the company’s systems after using the login credentials of two employees from the third-party business partner Tata Consultancy Services (TCS).
“Attacks like these can cripple companies to a point where they might be temporarily unable to provide services to household name brands,”
Nazarovas explained.
Cybercriminal collective suspected to be behind the breach, Scattered Spider, is known for its sophisticated phishing techniques. For example, impersonating an IT help desk worker enabled 2023 attacks on the MGM Resorts International and Caesars Entertainment in Las Vegas.
However, attackers shouldn’t get too comfortable as authorities stay close behind. Last year, Tyler Robert Buchanan, a 22-year-old UK national, suspected of being intimately involved in the MGM Resorts International cyberattack, was arrested in Spain.
Last November, the US indicted five men associated with the Scattered Spider hacker group: Ahmed Hossam Eldin Elbadawy, Noah Michael Urban, Evans Onyeaka Osiebo, and Joel Martin Evans, as well as one Buchanan.
Your email address will not be published. Required fields are markedmarked