Ransomware attack exposes retail vulnerabilities globally
The recent ransomware attack on Blue Yonder, affecting the supply chains of Morrisons and Sainsbury's, highlights the persistent vulnerabilities retailers face, particularly during the holiday season.
Dan Lattimer, Vice President of Semperis, noted that the timing of the attack is likely strategic. "This attack was likely calculated as the hackers are aware that the Thanksgiving Holiday is approaching and disruptions in the supply chain will leave many grocery stores in the U.S. with empty shelves at the worst possible time," he stated.
Lattimer also acknowledged that while details of the attack are limited, its potential ramifications could be extensive. "Kudos to Blue Yonder for dealing with this cyberattack head-on, but we still don't know how far-reaching the business disruptions will be in the UK, U.S. and other countries," he added.
Emphasising the need for vigilance, Lattimer highlighted the decisions organisations must face in ransom situations. "Deciding whether or not to pay a ransom is a personal decision that each company has to make, but paying emboldens threat actors and throws more fuel onto an already burning inferno. Simply, it doesn't pay-to-pay," he cautioned. He also referenced Semperis' new Ransomware Holiday Risk Report, noting that the data underscores significant vulnerabilities during holidays. "In fact, more than 70 percent of organisations have been victimised by ransomware in the past 12 months. Unfortunately, most companies also downsize security staffing on holidays and weekends," Lattimer stated.
The issue is exacerbated by a reduction in security staffing during vulnerable periods. "In the UK, 81 percent of companies scale back security staffing by up to 50 percent during holidays and weekends. In the U.S., 90 percent of organisations do the same thing," Lattimer said, pointing to a substantial gap in security measures across these critical times.
Lattimer advised on steps to bolster operational resilience, particularly concerning identity systems like Active Directory. "For instance, in nearly all ransomware attacks, threat actors compromise organisations' identity systems, most often Active Directory. This can lead to entire networks being taken offline," he explained. To combat this, organisations are urged to implement robust backup and recovery strategies. "To improve operational resiliency, businesses should deploy a robust backup and recovery plan that ensures Active Directory, Entra ID, Okta and other identity systems are recoverable," Lattimer concluded.