M&S and Co-op cyberattacks reveal rise in advanced cybercriminal tactics: Resilience

Reinsurance

M&S and Co-op cyberattacks reveal rise in advanced cybercriminal tactics: Resilience

  • by Admin
  • Posted on May 1, 2025

Simon West, Director of Customer Engagement at Resilience, commented on the recent cyberattacks targeting Marks & Spencer (M&S) and Co-op, stressing that the incident is particularly concerning due to the attackers’ use of advanced tactics such as SIM swapping and MFA bypass.

resilience-logoThe attacks, believed to have been carried out by the group known as Scattered Spider, underscore a growing trend in cybercrime: sophisticated, socially engineered intrusions targeting even the most established brands.

The cyberattack has already had a significant impact on M&S—one of the UK’s largest retailers—reportedly costing the company millions of pounds in lost sales and contributing to a fall in its share price, according to the BBC.

Issues began over the Easter weekend, with customers reporting problems with Click & Collect and contactless payments. Some stores also experienced stock shortages after M&S took parts of its systems offline in an attempt to manage the cyber attack.

While not as severely affected as M&S, the Co-op reportedly shut down parts of its IT systems in response to hackers attempting to gain access to them.

Download free catastrophe bond market reports from Artemis

West noted that the group’s use of advanced techniques like SIM swapping and MFA bypass—once considered niche—is now becoming increasingly mainstream among cyber threat actors.

“From a risk management standpoint, this attack is a stark reminder that technical defences alone are insufficient,” said West. “Organisations must embed cybersecurity resilience into their broader enterprise risk frameworks.”

“This includes regularly testing incident response plans, running employee phishing simulations, and reassessing third-party risk exposure. Resilience must go beyond IT and involve the entire leadership team.”

West also emphasised the critical role of cyber insurance in responding to such incidents. While no policy can reverse the operational and reputational damage, he said a robust cyber policy can significantly reduce the risk of material financial losses.

He said, “A good policy should cover business interruption losses, forensic investigation and legal costs.

“At Resilience, we partner with our insureds on an ongoing, proactive basis to reduce the likelihood of an incident of this scale happening. That being said, this does not mean a business would be immune to these types of attacks. It means they will be more likely to withstand them better, respond effectively, and recover whilst minimising losses.”

Last year, Resilience conducted extensive research into the evolving tactics of Scattered Spider, including credential harvesting, SIM swapping, and ransomware-based extortion.

The post M&S and Co-op cyberattacks reveal rise in advanced cybercriminal tactics: Resilience appeared first on ReinsuranceNe.ws.

Simon West, Director of Customer Engagement at Resilience, commented on the recent cyberattacks targeting Marks & Spencer (M&S) and Co-op, stressing that the incident is particularly concerning due to the attackers’ use of advanced tactics such as SIM swapping and MFA bypass. The attacks, believed to have been carried out by the group known as…

Leave a Reply

Your email address will not be published. Required fields are marked *