Over recent years, the news has been full of headlines about cyber attacks and the havoc they have caused businesses large and small, across a range of sectors.
Much of the impact we see reported is where hackers find their way into systems, get hold of personal and sensitive personal data, and leak it on the dark web unless a ransom is paid. Cyber Attacks and personal data breaches have gone hand in hand. Regulatory reporting, ICO investigations and fines, and follow up data breach litigation have become commonplace.
Cyber attacks and operational impact
However, more recently we have also seen the practical impact that cyber attacks can have on businesses outside of the personal data issues. Following on from the empty shelves caused by the M&S cyber attack, we have seen chaos ensue at several European airports following a ransomware attack on check-in and boarding software, and Jaguar Land Rover's (JLR) operations brought to its knees. In JLR's case, a significant cyber-attack at the end of August, a traditionally busy time for those in the motor industry, has had a chilling impact on the wider sector and economy.
It seems that the cyber-attack was discovered whilst it was in progress and JLR took the decision to shut down many of its IT operational systems in an attempt to contain the potential damage. Whilst there has been a confirmation that some personal data has been affected, JLR has not disclosed any further details, and it is the operational impact, and ripple effect throughout the industry, that has dominated the headlines.
Three weeks on from discovering the attack, the impact of JLR's shutdown has been catastrophic, with production being halted in its main UK plants and workers told not to come into work, and further impact felt by JLR's international plants in Slovakia, India and Brazil.
Investigations appear to be ongoing and JLR are said to be working with cybersecurity experts to implement a "controlled restart" of systems to avoid further risk. Following a period of investing in the digital transformation of its systems to make operations more efficient and interconnected, and with factories and plants becoming increasingly "smart", the restart of JLR's systems is likely to be complex and will take some time to get back up to full capacity.
Supply chain impact
In the meantime, the impact on the business has been considerable with the daily UK production of around 1,000 vehicles per day having ground to a halt, which is said to translate into losses for JLR estimated at around £50 million per week. Whilst there is understandably concern that the losses could run into the billions if the disruption continues, JLR is a significantly sized entity and is likely to be able to withstand those pressures, and recover in the medium to long term.
That cannot be said about JLR's significant network of suppliers, many of which are small to medium sized businesses in the manufacturing heartlands of the UK and directly affected by JLR's shutdown in operations. JLR says that it supports 104,000 jobs through the UK supply chain, from part manufacturers and suppliers to specialist dealerships. Those businesses will have operations which are heavily reliant on JLR's productivity and without that cashflow, or a sizeable cash buffer, will feel the devastating impact caused by the continuing fallout from the cyber-attack. The union, Unite, has said that workers throughout the supply chain have been asked to apply for universal credit and there are increasing calls on the UK government to set up a furlough scheme for impacted workers, or provide some other kind of support as many in the interconnected supply chain are facing potential insolvency.
Liam Byrne MP, the chair of the Commons business and trade committee, described the attack as a "digital siege," stating, "This is not a mere flicker on the screen at Jaguar Land Rover, this is a digital siege and it's sent a cyber shockwave through their supply chain. We think this is an attack which is much, much worse than the attack that took down Marks and Spencer."
What now?
Whilst JLR continues to work behind the scenes to get back up and running and mitigate the risks to its business and those within the wider supply chain, there are some key takeaways for businesses thinking about how they can better protect themselves from a similar attack:
- Map out and understand the risks within your supply chains and what operational and contractual steps you can take to mitigate those risks;
- Consider your cyber risk profile, both within your own business and any vulnerabilities from the wider supply chain
- Implement robust cybersecurity measures aligned with your risk profile and take action to mitigate wider risk from suppliers
- Understand how you will respond to an attack, review and stress test your incident response plan regularly.
If you would like to speak to one of our experts about cyber-resilience or training for your executive team on decision making in the event of a Cyber Attack, please contact our specialist cyber team.
