The warning comes as M&S, a 141-year-old retail icon in the UK, continues to grapple with the aftermath of a major cyberattack
The British government is set to issue a strong warning to all UK businesses next week, urging them to treat cyber security as an “absolute priority” in light of a string of cyberattacks that have recently disrupted major retailers including Marks & Spencer (M&S), the Co-op Group, and Harrods.
Cabinet Office Minister Pat McFadden, who led a high-level briefing on Friday with national security officials and Richard Horne, CEO of the National Cyber Security Centre (NCSC), said the government is supporting the affected retailers. According to his office, McFadden will deliver a speech at the upcoming CyberUK conference in Manchester, where he is expected to emphasise the increasing urgency of addressing cyber threats.
In his remarks, McFadden will describe the recent incidents as a “wake up call” for businesses across all sectors and stress the need for stronger digital defences. He will also introduce the government’s plans to enhance national cyber resilience, including new legal measures under the proposed Cyber Security Bill.
“In a world where the cybercriminals targeting us are relentless in their pursuit of profit – with attempts being made every hour of every day – companies must treat cyber security as an absolute priority,” McFadden will say.
The warning comes as M&S, a 141-year-old retail icon in the UK, continues to grapple with the aftermath of a major cyberattack. The company was forced to suspend clothing and home orders on its website and app from 25 April, following a breakdown in key services such as contactless payments and click-and-collect over the Easter holiday weekend. So far, M&S has not confirmed when it expects to resume online orders.
According to technology news platform BleepingComputer, the disruption at M&S was likely caused by a ransomware attack attributed to a cybercriminal group known as “Scattered Spider”. The attack reportedly led to the encryption of the retailer’s servers, causing widespread operational issues.
The incident is part of a broader trend of cyberattacks targeting British companies, public sector organisations, and institutions. These breaches have caused tens of millions of pounds in damages and often lead to long-lasting disruptions to business operations and services.
The government’s push to reinforce cyber security measures is also seen as a response to growing public and industry concerns about the ability of organisations to defend against increasingly sophisticated digital threats. By pushing for legislative change and raising awareness among businesses, officials hope to improve resilience across the economy.
The upcoming CyberUK conference is expected to provide further insight into the government’s long-term strategy for cyber defence, along with guidance for businesses on how to better secure their systems against future attacks.