News / M&S cyber-attack a salutary warning for supply chain players, say experts

Forwarders are facing increased pressure from customers to build-in contingencies capable of contending with the fallout from cyber-attacks, while also coming under scrutiny over their own security measures.

The heightened focus on cyber security follows a wave of attacks against retailers this year, with one UK high street staple reportedly having lost as much as £25m a week after “threat actors” gained access to its systems at Easter.

Six weeks on from the massive cyber-attack, believed to be the work of the Scattered Spider hacking collective, Marks & Spencer (M&S) – which has boasted a presence on UK high streets for more than 140 years – has only just resumed its online shopping service.

MD for fashion, home, and beauty John Lyttle said on LinkedIn: “More products will be added every day and we will resume deliveries to Northern Ireland and click and collect in the coming weeks.”

Amid estimates that the attack wiped £300m of profit off its books this year, M&S was by no means the only victim, with the Co-op, HarrodsAdidas and Victoria’s Secret falling victim to similar attacks.

And research from Gartner suggests some 45% of organisations will face cyber-attacks this year, a three-fold increase in threat since 2021, with supply chain organisations being warned to expect attacks to accompany traditional criminal methods.

Noting that freight crime resulted in £1bn in losses to the UK since 2020, regional security head for Ceva Logistics in Europe Ann-Marie McLeavy said: “Over the past five years, freight crime has become significantly more sophisticated and financially damaging.

“Criminal tactics have evolved from opportunistic thefts to complex operations involving identity deception, fake carriers on online marketplaces, cyber scams and insider collusion. Organised crime groups are now deeply embedded in freight theft.”

Chris Clowes, executive director at global supply chain and logistics consultancy Scala, said while all businesses were targets, consumer-facing brands were of particular interest “because of the volume of data they hold and the public visibility of any disruption”.

Mr Clowes told The Loadstar the recent incidents involving M&S and Adidas offered an example of just how rapidly a cyber-attack or system fault could impact an entire supply chain, and, worryingly for forwarders, also expose the unwitting role of supply chain partners.

He said: “Smaller businesses, even if not directly targeted, can find themselves caught in the crossfire. Businesses of all sizes need to treat cyber security and digital continuity as central to supply chain resilience. People remain one of the most common points of failure. A simple phishing email can provide a route into systems if employees aren’t trained to spot the warning signs.”

Noting that, as supply chains become more digitally integrated, Mr Clowes said forwarders were increasingly connected to their customers’ internal management systems and transport platforms, which rendered them potential entry points for cyber-attacks.

So, there was a need for forwarders of all sizes to update their systems – “often they rely on legacy systems” – and increase training, he urged, adding they needed contingencies in place for when systems did go down.

But for some there is a more immediate problem.

Ryan McInerney, head of security for UK, Ireland, Nordics & Benelux at Ceva Logistics, said: “International supply chains introduce complexities such as varying security standards, jurisdictional limitations, and inconsistent enforcement. Cross-border strategies that prove effective include harmonising security protocols, using internationally recognised certifications, and engaging in multinational intelligence sharing.

“Coordinated customs inspections and secure tradelanes also help reduce vulnerability.”