STORY: Marks & Spencer believes it knows who was behind a costly ransomware attack on the company.
Its chairman said Tuesday they think the group was called ‘DragonForce’.
Archie Norman told UK lawmakers that ‘loosely aligned parties’ worked together on the cyberattack.
He said DragonForce are a ransomware operation they believe is based in Asia.
The media has previously blamed a hacking collective known as Scattered Spider that deploys ransomware from DragonForce.
Norman said M&S didn’t hear from the threat actor for about a week after it penetrated the retailer’s systems.
The attack forced M&S to suspend online shopping for nearly seven weeks.
The retailer stopped taking online clothing orders and also took other systems offline.
It lowered food availability and led to higher waste and logistics costs.
M&S said in May the attack would cost it about $409 million in lost operating profit.
The group resumed taking online orders for clothing lines on June 10, but is yet to restore click and collect services.
