Criminals behind a cyber attack on the Co-op have given details about how they launched their attack, and the quick thinking that avoided the chain suffering the same fate as Marks & Spencer
The Co-op narrowly avoided being locked out of its own computer systems, a gang behind a cyber attack has claimed.
The firm says it is getting back to normal after it took action to contain an attempted online hack, but which led to gaps on shelves at its convenience store chain.
Bosses hope the resolve the issues by this weekend. But while it was impacted, the relatively short-term nature of the disruption is in sharp contrast to Marks & Spencer, which is still in the grip of a crisis after also being targeted by hackers.
M&S is still not taking any online clothing and homeware sales, three weeks on from when it first paused all orders. Experts estimate it is costing the high street giant more than £40million a week , with hundreds of millions wiped off its stock market value.
Hackers who have claimed responsibility for both attacks told the BBC they tried to infect Co-op with malicious software – known as ransomware – but failed when the firm discovered the attack in action.
The gang, using a cyber crime service known as DragonForce, wrote: “Co-op’s network never ever suffered ransomware. They yanked their own plug – tanking sales, burning logistics, and torching shareholder value.”
Ransomware is a typical of malicious software which, when deploys, is designed to steal data which the victim is blocked from accessing. Money – a ransom – is then demanded in order to release it.
The criminals, whose identities remain a secret, claimed they breached Co-op’s computer systems long before they were discovered. “We spent a while seated in their network,” they claimed.
Insiders at the Co-op insist the breach was detected almost immediately buy its internal security experts, which preventing the hack from spreading.
They say action was then taken to take other systems offline to limit the impact, although this led to supplies to stores being impacted.
According to the BBC, the hackers still stole a large amount of customer data and were planning to infect the company with ransomware.
Cyber expert Jen Ellis from the Ransomware Task Force, said: “Co-op seems to have opted for self-imposed immediate-term disruption as a means of avoiding criminal-imposed, longer-term disruption. It seems to have been a good call for them in this instance.”
Professor Oli Buckley, a cyber security expert at Loughborough University, said: “Co-op have acted quickly and their work on the recovery helps to soften things slightly, but rebuilding trust is a bit harder. It will be a process of showing that lessons have been learned and there are stronger defences in place.”
