Mon, 05 May 2025
The NCSC urges firms to check IT help desk "password reset processes" as hackers target retailers.
British retailers, including Marks & Spencer, Co-op and Harrods, have been targeted by hackers impersonating IT help desks in recent weeks. The National Cyber Security Centre (NCSC) has warned organisations that criminals may use social engineering tactics to trick employees into revealing login passwords and security codes.
The NCSC is advising companies to review their password reset processes and authenticate staff members before resetting passwords, particularly for senior employees with access to high-level IT systems. This comes as hackers have launched a series of attacks, including one on M&S which resulted in online orders being paused and food items going missing from shelves.
Experts say that the use of code words and multiple layers of security can help prevent such attacks. The NCSC has also highlighted "Risky Logins", where employees log in from unusual locations or at odd hours, as a potential indicator of cybercrime.
The hackers, who call themselves DragonForce, have denied being part of the collective Scattered Spider, but some experts believe they may be affiliated with the group. Scattered Spider is known for using social engineering tactics and has been responsible for high-profile attacks on companies such as MGM Grand Casinos and Caesar's Palace.
The NCSC is working with law enforcement to investigate the attacks and has issued guidance to organisations to help them prevent similar breaches.
>>
Terms of Use | Privacy Policy | Manage Cookies+ | Ad Choices | Accessibility & CC | About | Newsletters | Transcripts
Business News Top © 2024-2025