In response to an ongoing cyber attack, the British retail group the Co-op has implemented strict internal protocols to prevent further unauthorized access, including requiring staff to keep cameras on during virtual meetings and verifying all participants. This measure reflects growing concern over potential infiltration by threat actors already inside the company’s systems. The organization has also disabled critical IT systems, including remote access and VPN-dependent applications, urging staff to work onsite when necessary and to avoid sharing sensitive data through digital channels like Teams. These proactive steps are part of a broader effort to secure communications and limit attack surfaces during a critical time.

This incident, along with the concurrent ransomware attack on Marks & Spencer - which has disrupted operations and prompted investigations by the Metropolitan Police and the National Cyber Security Centre - highlights the increasing sophistication and boldness of modern cybercrime. The use of tools and tactics associated with groups like Lapsus$ and Scattered Spider underscores the evolving threat landscape, where even routine communications can be exploited.

The cyber attack underscores the need for organizations to have 100% situational awareness into their organization with robust network monitoring and deep forensics capabilities. Organizations must ensure constant vigilance, verify identities, and invest in real-time detection and response systems to stay ahead of adversaries who are growing more persistent and capable. Read more about this story on our LinkedIn page