In a developing situation regarding cybersecurity, Co-op, a well-known supermarket and funeral service entity in the UK, has instructed its staff to keep their cameras on during remote meetings. This directive responds to an ongoing cyber attack that has necessitated heightened vigilance and precaution among its 70,000 employees. An internal communication encouraged workers to verify the identities of all meeting participants, clearly demonstrating the level of concern the company has regarding potential infiltration from malicious actors.
The email sent to staff underscored some critical precautions: employees were explicitly advised against recording or transcribing calls conducted via Microsoft Teams, emphasizing a need for secure and genuine communication methods during this trying time. This situation is compounded by a concurrent major ransomware incident affecting Marks & Spencer (M&S), raising questions about any potential links between the cyber attacks on these prominent UK companies.
Cyber security expert Jen Ellis commented on the internal memo, interpreting it as a clear indication of Co-op’s worries concerning hacker intrusions. She explained that requiring employees to maintain video engagement in meetings serves not only to enhance security but also ensures that only authorized personnel are participating in the communications, thereby mitigating risks associated with impersonation or remote unauthorized access.
Amidst the chaos, Co-op has confirmed that it is actively engaging its IT teams to address the cyber breach, enacting proactive measures to minimize disruption. Company representatives acknowledged that the attack has had a limited effect on operations, particularly within their call center and back office systems. However, the email revealed a sobering reality: all remote access has been locked down to further protect sensitive data and operations.
Notably, employees can no longer access internal applications requiring VPN from home, prompting the directive to work from various Co-op locations if they need to utilize work tools. Employees are also cautioned against sharing sensitive information via Teams chats and are encouraged to remain vigilant, reporting any suspicious correspondence. This situation has put into stark relief the pressing nature of cybersecurity in an era increasingly dominated by digital communication platforms.
The cyber attack scenario at Co-op reflects broader trends of increasing cyber threats prevalent against various organizations globally. Historical patterns have shown that cyber criminals frequently target businesses like Uber and Rockstar Games, accessing internal messaging systems for espionage or ransom purposes. The infamous group Lapsus$, which has garnered attention for its audacious attacks, has notably included teenage hackers among its ranks; two were arrested in the UK back in 2023.
Additionally, reports have linked the M&S incident to a faction of Lapsus$ known as Scattered Spider, which has notably targeted high-profile entities like MGM Grand and Transport for London (TfL). Following the TfL incident, staff were required to report in person to security teams to ensure the complete eradication of any hacker presence in their systems.
At present, the Metropolitan Police are investigating M&S’s ransomware attack, and the organization has reached out to the National Cyber Security Centre (NCSC) regarding the incident. The NCSC has reassured the public that while it continuously engages with various organizations regarding cybersecurity threats, it does not specifically categorize retailers as primary targets, although it is tailored to enhance overall resilience.
In summary, Co-op’s directive to keep cameras on during meetings is a crucial step in trying to safeguard against the backdrop of rising cyber threats. As both companies navigate these challenges, consistent and proactive communication among employees and security professionals remains vital in managing and mitigating the impacts of cyber incidents.