Cyberattack wave hits SPAR Stores; who is responsible?

SPAR

We look at the recent cyberattacks on the SPAR store chain that affected over 300 stores in the UK and discuss the responsibility for an attack like this is.

Ransomware has surged in 2021 as individuals and organizations have become more dependant on digital platforms following the Covid-19 lockdown. There are already audit reports for 2022 of high-risk areas in business, and at the top of this list comes ransomware. “Ransomware is resulting in revenue and data loss, compromized data, reputational damage, significant operational disruption, and more,” said Zachary Ginsburg, research director, Gartner Audit and Risk practice.

The news broke this week that SPAR was hit by largescale cyber ransomware. This attack targeted the James Hall & Company in Preston, Lancashire, not the main store chain. This company is integral to operations as they are the primary supply wholesaler for the company.  The attack affected SPAR’s tills and IT systems, implemented by James Hall. This has caused stores across the country to close their doors, and the ones that have stayed open can only accept cash payments.

SPAR James Hall & Co
James Hall & Co. Ltd Distribution Centre

This is not the first time a cyberattack has caused mass disruption to a store chain; July saw hackers causing over 500 Coop stores tills to crash in Sweden. In this case, it was found that the access point was through Kesaya, an IT management software company based in Florida. The offenders, in this case, were identified as the Russian hacker group REvil.

Most would question if this attack on Spar was REvil’s handiwork also, but back in July, it was reported that this group’s online presence suddenly disappeared. Its websites and blogs overnight became inaccessible. There have been some questionable sources that have come forward saying the US FBI had managed to shut down areas of its site, so it decided to shut down its online presence altogether.

Though REvil briefly disappeared, it resurfaced again only a few months later. Whether this is precisely the same group or a new variant of the organization is yet to be confirmed. Its return sparked the creation of Anti-REvil task forces in Europe and the US. Some REvil affiliates were arrested in November 2021 and were undoubtedly used as an example of how countries are cracking down on cybercrime.

These arrests beg the question: Is REvil responsible for this? In August, security company BlackFog reported on ransomware attacks. Its findings showed REvil accounted for more than 23% of the attacks it tracked last month. Though some of the members since then were arrested, these sorts of organizations can be seen as a legion, when if one is taken down, another will always replace them. This latest attack is remarkably similar to the other attacks REvil has been credited for, such as Acer, JBS, Quanta Computer, and more.

As we review cyberattacks like SPAR and Coop, it begs the question, does responsibility solely sit with attackers, or do organizations need to do more to ensure that a company is protected? Access was most likely gained through James Hall’s technical payment system used in the SPAR chain, so some responsibility needs to be taken by James Hall and SPAR. Both companies have a duty as service providers to protect customers who entrust them with their payment details when using their cards in-store.

Warnings were given earlier this year at the Cyber Polygons training event that saw over 7 million visitors attend that we would see a massive wave of cyberattacks. These warnings have been proven accurate, though the warning itself may have posed something of a challenge to attackers to try.  

During the Cyber Polygons event, simulations were run on the threat of a largescale global cyberattack, showing that companies need to be more flexible and active with security protocols. This seems to be a warning that SPAR did not adhere to, and it has cost it greatly.

Read More:

SPAR noticed the issues around 6.30pm and closed its stores almost immediately. The extent of the threat became increasingly clear overnight as it decided not to reopen stores again. That is a reasonably impressive response time, and they will put recovery measures into effect, such as those outlined by Rubrik in its ransomware recovery plan. SPAR needs to concentrate on proactive prevention in the future, rather than reactive responses to protect its customer and staff. There are many methods now to secure a company from ransomware, and these are constantly evolving to match new threats.

Click here to discover more of our podcasts

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter


Erin Laurenson

Multimedia Content Producer for TBTech

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...

Custom Software Development

Natalia Yanchii • 04th October 2024

There is a wide performance gap between industry-leading companies and other market players. What helps these top businesses outperform their competitors? McKinsey & Company researchers are confident that these are digital technologies and custom software solutions. Nearly 70% of the top performers develop their proprietary products to differentiate themselves from competitors and drive growth. As...

The Impact of Test Automation on Software Quality

Natalia Yanchii • 04th October 2024

Software systems have become highly complex now, with multiple interconnected components, diverse user interfaces, and business logic. To ensure quality, QA engineers thoroughly test these systems through either automated or manual testing. At Testlum, we met many software development teams who were pressured to deliver new features and updates at a faster pace. The manual...