The headlines are stark. The implications, significant. But before we all race into knee-jerk decisions and start shopping for off-the-shelf “quick fixes”, it’s time to stop. Breathe. And reflect.
The recent cyber attacks targeting Marks & Spencer and The Co-op have set alarm bells ringing across the business world, and rightly so. According to reports, attackers linked to the “Scattered Spider” group exploited help desks through a sophisticated social engineering campaign to reset passwords and deploy ransomware. The group has largely been in operation since 2022, targeting large brands and high-revenue businesses. They’re organised, patient, financially motivated criminals, exploiting human behaviour to worm their way in.
Human nature: The most important (and most exploited) link
It's helpful people under pressure, help desks trying to do their job quickly. That’s what social engineering is all about: manipulating human instinct (trust, curiosity, kindness, urgency) and turning it into a weapon.
And the scary part? It works. Even at companies with multi-million-pound cybersecurity investments.
This should be a wake-up call. But not the kind that sends you sprinting towards the shiniest new software promising instant protection. Because there’s no silver bullet here. What’s needed is something less dramatic, but far more effective: strategy, clarity and calm.
Our advice: Don’t get swayed by the noise
Right now, plenty of businesses are already jumping on the headlines. Using fear to flog tactical fixes and “one-size-fits-all” solutions. We’re seeing it everywhere. Webinars. Whitepapers. ‘Urgent’ offers landing in inboxes.
We strongly advise against knee-jerk reactions and panic-buying solutions. Don’t be swayed by the noise.
Reacting without strategy is how businesses burn budget without actually improving resilience. These attackers are evolving fast. They’re backed by AI, global networks and endless patience. If we’re going to stay ahead, we need a long-term mindset, not short-term firefighting.
Five things businesses should do now
1. Review your cyber resilience
The hackers behind the M&S attack exploited a process, so take a proper look at your set-up. Know your assets, your vulnerabilities, and your actual level of risk.
2. Ditch the tactical fixes
Stop panic-buying tools. Build a roadmap that reflects your business risks, not someone else’s pitch.
3. Prepare for what’s next
The threat landscape is shifting fast. Make sure your approach isn’t stuck in last year’s thinking.
4. Look at your supply chain
If your suppliers aren’t protected, neither are you. Your defences need to reach beyond your walls.
5. Have a conversation!
Sometimes a second opinion makes all the difference. Get an assessment from people you trust not to sugar-coat it.
Final Word
Let’s be honest. If giants like M&S can get hit, so can anyone. But this isn’t about panic. It’s about perspective. This is your chance to press reset. Ask the tough questions. Cut through the noise. Build a defence that’s actually fit for purpose.
If there's anything we'd like you to take away from the recent events, it's this: use them to your advantage. Stop, think and reflect on your own position.
If you would like some steer on what to do next, or just want to talk to a tech partner that will help you make sense of what's happening, our door is always open.