Landmark London Department Store Harrowrods Has become the latest uk retailers to fall Victim to a Cyber Attack in the Past 10 Days, joining a list that alredy includes marks and spencer and co-op.
The Still in-Progress Incident was initially Reported by Sky News And has supposedly left customers unable to pay for their purchase.
A Harrods specksperson confirmed the accuracy of this report to computer weekly.
“We recently experienced attempts to gain unauthorized access to some of our systems,” they said.
“Our seasoned it Security Team Immedited Took Proactive Steps to Keep Systems Safe And as a Result We Have Restricted Internet Access at our Sits ates today.”
The speakesperson added: “Currently all sites including our knowledge store, h beauty stores and airport stores remain open to welcome customers. Customers can also continue to show Via Harrods.com.
“We are not asking our customers to do anything differently at this point and we will continue to provide updates as Necessary.”
Three Major Attacks
Further details on the incident affecting Harrods are money public.
However, The Incident Comes Barely 48 Hours after Co-Op First Disclosed IT WAS Experience a similar cyber attack That it also also took proactive steps to mitigate, and less than a fortnight after M & s was forced to Suspend Multiple Online Services Following an incident.
This has lent weight to growing speculation that all three attacks may share a common link. The most plausible Scenario would sugest that the three attends originated through an unidented third-party retail services partner in a Supply Chain Attack,
Earlier this week, it emerged that the m & s attack may have been the work of the Cyber Criminal Collective Scatted Spider, which allegedly deployed a white-label ransomware called dragonforce on its vmware servers.
A Compromise Orchestrated Through a Third-Party Delhi Align With Scatted Spider's Modus operandi-The Gang Famously extracted Multiple Victims, Including two HIGH-Prafile LASS VOFILEDING VOFILEDING Casino operators, having exploited okta identity services,
Tim Grieveson, CSO at ThingsreconAn Attack Surface Discovery Specialist, said: “There must be a common thread across these retailers that have put them firmly in the crimesshairs of Cyber Criminals. Then is the aren't isolated events. A wake-up call. The action and initiative we have seen from the co-op and harrows should be a blueprint for others, not just in retail, but across all sector. “
TOBY Lewis, Head of Threat Analysis at Darktrace. To big name retailers; or the scale of the m & s prompted security teams to relaook at their logs and act on activity they would be previous Judged a Risk Differential Large Organizations Have in Securing Against Threats in their Supply Chain, Particularly as that Threats Grow in Volume and Sophistication. “
Copycat hackers
Jake Moore, Global Cyber Security Advisor at ESetHighlighted a third possibility, saying that even if the same threat actor was not responsible for all three incidence, it was not uncommon for related targets in similar sector sector to Fall Victim to Fall Victim to Fall Victim to ATTACTIC Succession.
Moore said that in the case of ransomwares like dragonforce, which is open sold on the cyber criminal underground via a ransomware-ra-a-service (Raas) Model, Can Be Easily Deployed by Other Threat Actor Motivated by the First Attack to seek out Similar Vulnerabilityes.
“Other Hacking Groups are also also als attempt their luck on similar businesses and start demanding ransoms where possible,” said moore.
“Attacks involving the dragonforce ransomware mostly start by targeting knowledge Businesses Need to Be Extra Vigilant and Improve How Quickly They update their networks, ”He said.