The National Cyber Security Centre (NCSC) has warned that criminals launching cyber-attacks at British retailers are impersonating IT help desks to break into organisations, with Marks & Spencer, Co-op and Harrods targeted in the last two weeks.
The Co-op apologised after hackers – who call themselves DragonForce – said they had stolen the personal data of 20 million Co-op customers. The attack has also significantly impacted M&S operations, with meal deals suspended, empty shelves and an inability to pay by contactless card or place online orders.
As a result of the latest attacks, the NCSC, the government agency responsible for cyber security, has issued guidance to organisations, urging them to review their IT help desk “password reset processes” to reduce their chances of getting hacked, stating: “We believe by following best practice, all companies and organisations can minimise the chances of falling victim to actors like this.”
It said firms should reassess how their IT help desk “authenticates staff members” before resetting passwords, especially for senior employees with access to high-level parts of an IT network.
Cyber security experts now recommend further layers of security to deal with these sorts of attacks.
The current tactics are most commonly associated with a collective of cyber criminals nicknamed Scattered Spider. In the past two years the hackers, in their teens or early twenties, have coordinated and planned attacks on Discord and Telegram to breach dozens of companies and steal or scramble data to extort their victims.
Scattered Spider hackers have been responsible for high-profile attacks, including the coordinated moves against casinos in Las Vegas in which MGM Grand Casinos and Caesar’s Palace were hit in quick succession. There have been six arrests in the last year of hackers accused of being from Scattered Spider in the US and UK.
Cyber exposures are evolving, and it is important that businesses review their insurances for suitability, using a specialist broker. To discuss this further with a broker at W Denis, please make arrangements with Daniel Moss at [email protected] or on 0044 (0)113 2439812 or contact Mark Dutton at [email protected] or on 0044 (0) 7831 366 469.
