Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Government

Cyberattack on JLR Prompts £1.5 Billion UK Government Intervention

The government has announced a support package, but a cybersecurity expert has raised some concerns.

Jaguar Land Rover cyberattack

The UK government has announced a £1.5 billion ($2 billion) loan guarantee for Jaguar Land Rover (JLR) in response to the highly disruptive cyberattack that recently hit the carmaker.

The government made the announcement on Sunday, saying that the support package is meant to “give certainty to its supply chain following a recent cyber-attack”.

“The loan from a commercial bank, backed by the Export Development Guarantee (EDG) provided by export credit agency UK Export Finance, will be paid back over five years and bolster JLR’s cash reserves so it can support its supply chain which has been greatly impacted by the shutdown,” the government said.

The government’s announcement points out that JLR is one of the UK’s largest exporters and is responsible for one of the largest automotive sector supply chains in the country. Roughly 34,000 people are employed directly by JLR and 120,000 in supply chain operations. 

Some experts believe the bailout will encourage cybercriminals to continue targeting UK companies with weak cybersecurity. 

“Personally I think the UK is going to be one to watch now,” said cybersecurity researcher Kevin Beaumont, who has been monitoring this and other major cyber incidents, “if I was an e-crime threat actor, I’d zero in on the UK.”

Advertisement. Scroll to continue reading.

Insurance news website The Insurer reported last week that JLR had failed to secure cyberinsurance ahead of the hacker attack, claims that the carmaker has refused to confirm or deny. 

The Guardian reported that JLR, which is owned by Tata Group, has outsourced cybersecurity and other IT services to Tata Consultancy Services (TCS), which also works with Marks & Spencer and Co-op, both believed to have been targeted by Scattered Spider, the same cybercrime group that has taken credit for the attack on JLR.

The cyberattack, discovered in late August, resulted in severe disruptions to the company’s internal systems and the shutdown of production lines. 

In a statement issued on September 25, JLR said it had managed to restore “sections of its digital estate”, including systems related to invoicing, parts logistics, and sales. On September 29, the company said some of its manufacturing operations will “resume in the coming days”.  JLR previously said production would resume on October 1 at the earliest. 

The company admitted that the cyberattack resulted in a data breach, but it has yet to clarify what type of information has been compromised. 

JLR has also yet to make public any estimate on the cyberattack’s financial impact. The British retailers believed to have been targeted recently by Scattered Spider reported losses of hundreds of millions of pounds. Co-op last week reported £206 million ($275 million) in lost sales, while Marks & Spencer in May estimated losses of £300 million ($400 million). 

Related: Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover

Related: Cost of Data Breach in US Rises to $10.22 Million, Says Latest IBM Report

Related: Wytec Expects Significant Financial Loss Following Website Hack

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

Mark Carter has been appointed Chief Information Security Officer at Socure.

Spektrum Labs has named Mark Cravotta Chief Operating Officer.

More People On The Move

Expert Insights

Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.