Latest in string of attacks on UK retail sector
The UK retail sector has endured another cyberattack with logistics company Peter Green Chilled, which distributes perishable food supplies to major supermarkets, struck with ransomware last Wednesday.
According to an email seen by the BBC, the attack forced the company to halt order processing on Thursday, although “transport activities” have not been affected, according to managing director Tom Binks.
The email said the firm, which supplies Tesco, Sainsbury, Asda, Waitrose, Co-op, Morrisons, M&S, Aldi and Lidl, was providing regular updates to clients and implementing workarounds to maintain deliveries.
The incident comes after household names Marks & Spencer, Co-op and Harrods all suffered disruption in recent weeks after key systems were taken down by ransomware.
The latest attack prevented Somerset-based Peter Green Chilled from processing orders on Thursday. However, existing schedules have been largely unaffected, with the firm providing regular updates to clients and implementing workarounds to maintain schedules, according to the BBC.
Nevertheless, some suppliers of perishable goods have expressed concern about knock on effects that could lead to products going to waste.
A huge increase in attacks on food supply chain
Phil Pluck, CEO of the Cold Chain Federation, said there had been a “huge increase” in ransomware attacks on the food and distribution sectors in recent years, but added that these are often unreported because of potential reputational damage.
The cold chain sector is critical to the UK’s food supply, processing large volumes of perishable produce to tight timelines, which makes it a prime target for cybercriminals who believe ransoms will more likely be paid.
Richard Orange, VP EMEA at security firm Abnormal AI, said that supermarket supply chains will always be the weakest link due to the vast number of individual players and the wider impact of any disruption.
“When a supply chain partner is compromised the threat doesn’t stop with them, it ripples across their entire network of customers and vendors,” he said.
“Whilst we don’t yet know the specifics of this attack, the aftermath of these incidents often leads to vendor email compromise, where attackers impersonate trusted suppliers to send fraudulent invoices, request payment changes or steal credentials.”
In the aftermath of any data breach, supply chain partners should be extra vigilant about checking the authenticity of any communications, he added.
Andy Norton, European cyber risk officer at security vendor Armis, said that retailers have become prime targets. “In fact, 41% of retailers have seen an increase in threat activity over the last six months – and these threat actors will not be slowing down anytime soon.”
Computing has contacted Peter Green Chilled for comment.