BBC reports that the UK’s National Cyber Security Centre has issued a critical alert to businesses after a series of cyber attacks on major retailers, including Marks & Spencer, Co-op, and Harrods, where hackers impersonated IT help desks to gain unauthorized access.
Criminals used social engineering tactics, such as posing as locked-out employees or IT staff, to manipulate password resets and breach systems. The NCSC urged organizations to reevaluate help desk authentication procedures, especially for senior personnel, and recommended implementing multi-factor verification and code words for identity confirmation. Although the group behind the attacks denied links to the notorious Scattered Spider collective, known for sophisticated, financially motivated breaches, their methods bear striking similarities. Instead, the attackers identified themselves as “DragonForce,” a group reportedly fluent in English and already claiming responsibility for breaching Co-op systems and stealing data. Investigations are ongoing, with authorities collaborating with affected companies to assess the scope and origins of the campaign.