The hack of Jaguar Land Rover is potentially the most costly cyber-attack in British history, according to a report by cybersecurity body the Cyber Monitoring Centre (CMC).
The CMC added that losses could still climb higher than the £1.9bn it is already believed to have cost the UK economy if there were unexpected delays to JLR’s return to full production following the August attack.
JLR was forced to shut down systems across all of its factories and offices, including Halewood on Merseyside, as well as sites in Solihull and Castle Bromwich in the West Midlands, and locations in China, Slovakia and Brazil, after realising the extent of the attack.
The carmaker, Britain’s biggest automotive employer, only managed a limited restart in early October and is not expected to return to full production until January.
As well as crippling JLR, the hack has affected as many as 5,000 organisations across Britain who are part of JLR’s extensive and complex supply chain. While JLR itself has been able to rely on its large financial buffers and those of multinational parent Tata Group, smaller suppliers were forced to lay off thousands of workers and contend with a sudden break in cashflow.
“This incident appears to be the most economically damaging cyber event to hit the UK, with the vast majority of the financial impact being due to the loss of manufacturing output at JLR and its suppliers,” the CMC’s report said.
The CMC is an independent non-profit made up of industry specialists including the former head of Britain’s National Cyber Security Centre, Ciaran Martin. Martin said it looked like the most costly UK attack “by some distance”, and added that organisations needed to work out how to react if vital networks were disrupted.
The luxury carmaker’s three factories in Britain usually produce about 1,000 vehicles a day between them.
The incident was one of a string of high-profile hacks to affect large UK companies this year, with Marks & Spencer and Co-op also among those hit.
JLR, which analysts estimated was losing about £50m a week from the shutdown, was promised a £1.5bn loan guarantee by the UK government in late September to help it support suppliers, although before receiving that cash the carmaker launched its own efforts to support its supply chain, paying for parts upfront.
The CMC, which is funded by the insurance industry and categorises the financial impact of significant cybersecurity incidents affecting British businesses, ranked the JLR hack as a category 3 systemic event, out of a scale of five.
The £1.9bn estimate “reflects the substantial disruption to JLR’s manufacturing, to its multi-tier manufacturing supply chain, and to downstream organisations including dealerships”, the report said.
Separately, trade publication The Insurer has claimed that the group was not covered by cyber attack insurance when the incident occurred. The journal said JLR had “failed to finalise” cover with its broker.
JLR is yet to make an official comment.
