Stay one step ahead of cyber criminals with our regular news and tips
As we write this month’s cyber security newsletter, the press reports that Jaguar Land Rover (JLR) didn’t have cyber insurance in place before the devastating attack hit. This means they may have to foot a multibillion-pound bill in its entirety. Meanwhile, the government has announced a £1.5bn loan guarantee to support JLR’s suppliers, some of whom find themselves on the brink of bankruptcy.
These reports reveal both the scale and the deep-reaching effects of cyber crime – it’s not just the big players taking crippling hits; their smaller suppliers suffer devastating consequences too.
In this issue, we take a look at recent high-profile hacks – and reveal a potentially significant link between all of them. September was also the month in which ransomware made its way to Europe’s critical infrastructure.
And finally, some positive news – we provide a preview of Intersys’ AI services and toolkit that can help your organisation harness the power of this transformational technology.
Here’s the link between the Jaguar Land Rover, M&S and Co-op cyber attacks
Another month and another British institution is under cyber siege. Following last month’s devastating cyber attack, the paralysed IT systems at Jaguar Land Rover (JLR) made international headlines. The government has stepped in to help and the car giant has now said production will restart in a phased manner from early October.
The hack has cascaded across the car industry, affecting suppliers, staff, car owners and new buyers.
The disruption is believed to be costing JLR at least £50m per week. Its problems may be further exacerbated by reports that JLR ‘failed to finalise’ a cyber insurance deal before it was hit by the attack.
Many in the cyber community are asking for closer scrutiny of Tata Consultancy Services (TCS), the Indian IT and cyber security provider that handles JLR’s computer systems.
TCS was also the IT and cyber security partner to M&S and Co-op at the time of their respective ransomware attacks. Reuters quoted a source saying that TCS helpdesk staff were believed to have been targeted as part of a social engineering scam to break into M&S systems.
It may not have been the first time that JLR has been breached, either. Back in March this year, a cyber security firm alleged that JLR had suffered a data breach from infostealer malware associated with a ransomware gang. There was no official comment from the car maker at the time.
It’s still unclear if the two incidents are linked.
Airport ransomware exposes Europe’s critical infrastructure
The European Union Agency for Cybersecurity has confirmed that hackers used ransomware to hobble automatic check-ins during recent cyber attacks on airports in the region.
While a man in his forties has been arrested in West Sussex, the National Crime Agency said that the investigation is still in its early stages.
The hack caused chaos across European airports including Heathrow, Brussels and Berlin, with hundreds of flights delayed or cancelled and staff resorting to pen and paper to manually check in passengers.
The attack surface is believed to be the Muse software owned by Collins Aerospace, an American aviation and defence company, which in turn is owned by another American defence conglomerate, RTX Corporation.
While no group has claimed responsibility as yet, there is speculation that the attack was either caused by criminals for profit or by hostile nation-state actors such as Russia.
Cyber attacks on the aviation sector have gone up 600% between 2024 and 2025, according to a recent report.
Why we’ve ramped up our helpdesk security
IT helpdesks are increasingly finding themselves on the frontlines of a cyber war against hackers. With their ability to grant login credentials and open the doors to an organisation’s most precious systems and data, they’re obvious targets. Now with sophisticated AI tools at their disposal, it’s never been easier for scammers to clone voices and impersonate real users.
While we have always adopted tough user identification methods, our latest upgrade will make the process even more secure and efficient.
We now use an identity verification tool which vets customer interactions by:
• Verifying a user’s identity before any sensitive request is processed, for instance a password reset or access change
• Allowing passwords and confidential details to be sent securely, through a protected and ephemeral channel
• Enabling customers to provide sensitive information safely, without the risk of interception
This additional layer of security means that helpdesk staff will no longer have to make judgment calls under pressure. It’s a vital cyber security tool in a constantly evolving threat landscape.
Responsible use of AI in the workplace: download our policy template
What is your organisation’s culture around using AI in the workplace?
75% of global knowledge workers were using AI last year. Many business leaders are faced with a simple-yet-tough choice: adopt it or get left behind.
But with any new technology, there is a steep learning curve. It’s now clear that the sheer power of generative AI needs to be harnessed by the right governance policies and frameworks to ensure your confidential data stays protected.
It’s why we’ve created an AI toolkit on our website with more guidance on the safe use of AI at work. You’ll find 10 Commandments for AI Use in the Workplace as well as a downloadable AI Policy Template with clear guidelines, which you can customise for your own organisation.
Read the page. Use the resources. And continue to grow your knowledge on the safe use of AI.
Other vulnerabilities
Malicious Listener for Ivanti Endpoint Mobile Management Systems