Cyberattack wave hits SPAR Stores; who is responsible?

SPAR

We look at the recent cyberattacks on the SPAR store chain that affected over 300 stores in the UK and discuss the responsibility for an attack like this is.

Ransomware has surged in 2021 as individuals and organizations have become more dependant on digital platforms following the Covid-19 lockdown. There are already audit reports for 2022 of high-risk areas in business, and at the top of this list comes ransomware. “Ransomware is resulting in revenue and data loss, compromized data, reputational damage, significant operational disruption, and more,” said Zachary Ginsburg, research director, Gartner Audit and Risk practice.

The news broke this week that SPAR was hit by largescale cyber ransomware. This attack targeted the James Hall & Company in Preston, Lancashire, not the main store chain. This company is integral to operations as they are the primary supply wholesaler for the company.  The attack affected SPAR’s tills and IT systems, implemented by James Hall. This has caused stores across the country to close their doors, and the ones that have stayed open can only accept cash payments.

SPAR James Hall & Co
James Hall & Co. Ltd Distribution Centre

This is not the first time a cyberattack has caused mass disruption to a store chain; July saw hackers causing over 500 Coop stores tills to crash in Sweden. In this case, it was found that the access point was through Kesaya, an IT management software company based in Florida. The offenders, in this case, were identified as the Russian hacker group REvil.

Most would question if this attack on Spar was REvil’s handiwork also, but back in July, it was reported that this group’s online presence suddenly disappeared. Its websites and blogs overnight became inaccessible. There have been some questionable sources that have come forward saying the US FBI had managed to shut down areas of its site, so it decided to shut down its online presence altogether.

Though REvil briefly disappeared, it resurfaced again only a few months later. Whether this is precisely the same group or a new variant of the organization is yet to be confirmed. Its return sparked the creation of Anti-REvil task forces in Europe and the US. Some REvil affiliates were arrested in November 2021 and were undoubtedly used as an example of how countries are cracking down on cybercrime.

These arrests beg the question: Is REvil responsible for this? In August, security company BlackFog reported on ransomware attacks. Its findings showed REvil accounted for more than 23% of the attacks it tracked last month. Though some of the members since then were arrested, these sorts of organizations can be seen as a legion, when if one is taken down, another will always replace them. This latest attack is remarkably similar to the other attacks REvil has been credited for, such as Acer, JBS, Quanta Computer, and more.

As we review cyberattacks like SPAR and Coop, it begs the question, does responsibility solely sit with attackers, or do organizations need to do more to ensure that a company is protected? Access was most likely gained through James Hall’s technical payment system used in the SPAR chain, so some responsibility needs to be taken by James Hall and SPAR. Both companies have a duty as service providers to protect customers who entrust them with their payment details when using their cards in-store.

Warnings were given earlier this year at the Cyber Polygons training event that saw over 7 million visitors attend that we would see a massive wave of cyberattacks. These warnings have been proven accurate, though the warning itself may have posed something of a challenge to attackers to try.  

During the Cyber Polygons event, simulations were run on the threat of a largescale global cyberattack, showing that companies need to be more flexible and active with security protocols. This seems to be a warning that SPAR did not adhere to, and it has cost it greatly.

Read More:

SPAR noticed the issues around 6.30pm and closed its stores almost immediately. The extent of the threat became increasingly clear overnight as it decided not to reopen stores again. That is a reasonably impressive response time, and they will put recovery measures into effect, such as those outlined by Rubrik in its ransomware recovery plan. SPAR needs to concentrate on proactive prevention in the future, rather than reactive responses to protect its customer and staff. There are many methods now to secure a company from ransomware, and these are constantly evolving to match new threats.

Click here to discover more of our podcasts

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter


Erin Laurenson

Multimedia Content Producer for TBTech

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...