Jaguar Land Rover cyberattack: How a lack of cybersecurity systems led to catastrophe!

Jaguar Land Rover, the biggest car manufacturer in the UK, has come to a complete standstill after the recent cyberattack incident. JLR is still struggling with the aftermath of the severe cyberattack. This unfortunate incident is a staggering reminder of how modern-day manufacturers are prone to threat attacks. 

What happened with JLR?

It all started on August 31, as some hackers managed to break into the systems of Jaguar Land Rover. The IT system was badly targeted, leading to an abrupt halt across all the JLR operations. The Scattered Lapsus$ Hunters group claimed responsibility for the threat attack. Previously, the same group targeted some of the biggies, such as Marks & Spencer, among others.

JLR took swift action and shut down the entire IT network around the globe. The cyberattack disrupted the production of JLR across different facilities such as China, India, the UK, and Brazil. The UK-based manufacturing plants in Halewood, Solihull, and Wolverhampton have not produced even a single unit since September 1. On normal days, the same units would produce 1000 cars daily.

The aftermath of the attack!

Halting manufacturing operations for more than a month can cost way more than we can imagine for brands like Jaguar Land Rover. Approximately, JLR is experiencing losses worth 50 million pounds to 500 million pounds, on a weekly basis. Some analysts believe that JLR is incurring a daily loss of 7.1 million pounds.

The worst thing is that JLR had not invested in any cyber insurance coverage. This increases the extent of the damage to the next level. Marks & Spencer, on the other hand, has managed to recover a huge part of the cyber loss (around 300 million pounds). Since Jaguar didn’t have any active insurance at the time of the cyberattack, it will bear the entire losses on its own. Experts believe that if JLR continues the shutdown until November, the losses could reach up upto 4.7 billion pounds.

Jaguar Land Rover is an integral part of the UK’s biggest automotive supply chain. Thirty thousand employers are directly connected with JLR. Besides, as many as 120,000 to 200000 additional workers are associated with JLR through different job roles. Both medium-sized and small supplier companies heavily rely on JLR for fulfilling their orders. Because of this operational disruption in JLR, employees are being laid off left, right, and center.

The recovery phase

Meanwhile, Jaguar Land Rover is moving ahead with caution. Right now, security is its biggest priority, and that’s exactly why it is compromising with the speed of recovery. As per the company announcements, the Wolverhampton engine facility already started on October 6, while the rest of the locations will get operational in the upcoming weeks.

Jaguar Land Rover is coordinating closely with law enforcement agencies, cybersecurity experts, and NCSC- the National Cyber Security Center in the UK.

Even though the production has started, JLR is still taking it slow and controlled. As of now, Jaguar Land Rover has started producing the batteries and engines, which will be followed by the body shop. Alongside the Wolverhampton engine facility, JLR has also reopened the Coleshill battery assembly centre. Soon, the production of the Land Rover Defender and Land Rover Discovery, as well as the Range Rover and Range Rover Sport, will begin at the Slovakia and Solihull production centers, respectively. JLR is currently trying to cope with the aftermath of the cyberattack while also struggling to clear the backlog of its high-demand luxury vehicles.

The UK government is extending great assistance to JLR because of the catastrophic implications of the threat attack on the automotive company. It will be offering a massive loan worth 15 billion pounds to Jaguar Land Rover, creating a record. This is going to be the first time ever that any UK brand is receiving financial support from the government because of a cyberattack. 

NatWest, HSBC, and MUFG will provide the loans on behalf of the UK government. JRL has to pay back the loan in the next five years.

Conclusion

This cyberattack on Jaguar Land Rover is a staggering reminder that Britain’s manufacturing sector is highly vulnerable to cyberattacks. The JLR cyber incident highlights the vulnerability of the automotive industry, specifically where just one attack can disrupt the entire cycle of distributors, suppliers, and associated partners. 

The degree of vulnerability increases due to the heavy reliance on interconnected digital systems.

As of now, JLR might take another three to four weeks to return to normal levels of manufacturing and production. However, even after resuming its operations, JLR may take several months to achieve a full-fledged recovery from this threat attack. The cyberattack on Jaguar Land Rover emphasizes that cybersecurity mechanisms and insurance are non-negotiable in modern times. The incident also underscores the critical need for robust SPF, DKIM, and DMARC email authentication to strengthen cybersecurity defenses.