Theo LeggettInternational Business Correspondent
BBC
The first day of September should have marked the beginning of one of the busiest periods of the year for Jaguar Land Rover.
It was a Monday, and the release of new 75 series number plates was expected to trigger a surge in demand. At factories in Solihull and Halewood, as well as at its engine plant in Wolverhampton, staff anticipated that they’d be working flat out.
Instead, when the early shift arrived, they were sent home. The production lines have remained idle ever since.
Though they are expected to resume operations in the coming days, it will be in a slow and carefully controlled manner. It could be another month before output returns to normal. Such was the impact of a major cyber attack that hit JLR at the end of August.
It is working with various cyber security specialists and police to investigate, but the financial damage has already been done. More than a month’s worth of worldwide production was lost.
Analysts have estimated its losses at £50m per week.
Getty Images
JLR’s production lines were left idle after the firm faced a cyber attack at the end of August
For a company that made a £2.5bn profit in the last financial year, and which is owned by the Indian giant Tata Group, the losses will likely be painful but not fatal. But JLR is not an isolated incident.
So far this year there has been a wave of cyber attacks targeting big businesses, including retailers such as Marks & Spencer and the Co-op, as well as a key airport systems provider. Other high profile victims have included the children’s nursery chain Kido, while last year incidents involving Southern Water and a company that provided blood tests to the NHS raised serious concerns about the vulnerability of critical infrastructure and services.
In all, a government-run survey on cyber security breaches estimates 612,000 businesses and 61,000 charities were targeted across the UK.
So just how much are attacks like these costing businesses and the economy? And could it be, as one expert analyst puts it, that this year’s major attacks are the result of a “cumulative effect of a kind of inaction” on cyber security from the government and businesses that is now starting to bite?
Pyramid of suppliers affected
What is significant about an attack on the scale of the one that hit JLR is just how far the consequences can stretch.
The company sits at the top of a pyramid of suppliers, thousands of them. They range from major multinationals, such as Bosch, down to small firms with a handful of employees, and they include companies which are heavily reliant on a single customer: JLR.
For many of those firms, the shutdown represented a very real threat to their business.
In a letter to the Chancellor on 25 September, the Business and Trade Committee warned that smaller firms “may have at best a week of cashflow left to support themselves”, while larger companies “may begin to seriously struggle within a fortnight”.
Industry analysts expressed concerns that if companies started to go bankrupt, a trickle could soon become a flood – potentially causing permanent damage to the country’s advanced engineering industry.
Resuming production does not automatically mean the crisis is over either.
“It has come too late,” explains David Roberts, who is the Chairman of Coventry-based Evtec, a direct supplier to JLR, with some 1,250 employees.
“All of our companies have had six weeks of zero sales, but all the costs. The sector still desperately needs cash.”
Russian cyber criminals or Western teens
A recent IBM report, which looked at data breaches experienced by about 600 organisations worldwide found that the average cost was $4.4m (or £3.3m).
But JLR is far from an outlier when it comes to high-profile cyber attacks on an even greater scale. Those at Marks & Spencer and the Co-op supermarket chain this year are estimated to have cost £300m and £120m respectively.
Over the Easter weekend in April, attackers managed to gain entry to Marks & Spencer’s IT systems via a third-party contractor, forcing it to take some networks offline.
They infected the company’s networks with ransomware that encrypted or scrambled its data.
Initially, the disruption seemed relatively minor – with contactless payment systems out of action, and customers unable to use its ‘click and collect’ service. However, within days, it had halted all online shopping – which normally makes up around a third of its business.
It was described at the time as “almost like cutting off one of your limbs”, by Nayna McIntosh, former executive committee member of M&S and the founder of Hope Fashion.
The firm was left with the n
Read More