Jaguar Land Rover (JLR) has confirmed it will extend its production pause until at least September 24 following a cyber-attack earlier this month.
Supply chain disruptions continue to ripple outward as firms that support the luxury car maker begin to suffer financially.
There have been reports of supply chain workers impacted by the cyber-attack at JLR being laid off. JLR employees are not at risk of losing their jobs.
A leading British workers union, Unite, has called for the UK government to step in and provide a furlough scheme for those at risk of losing their jobs because of the incident.
Trevor Dearing, director of critical infrastructure at Illumio, commented, “JLR is no doubt an anchor for local industry. Most organizations don’t have Tata’s [JLR’s parent company] financial safety net behind them, so for suppliers this prolonged downtime will mean that cashflows will dry up fast. This will be damaging not just for the supply chain, but also for when JLR finally comes back online. Some of those businesses may not be there to restart and make recovery even slower and more painful.”
The cause of the disruption lies in the fact that modern automotive manufacturers operate a ‘just-in-time’ logistics and parts supply strategy.
Rather than stockpiling parts, interconnected third party systems receive updates for stock deliveries for vehicles that are being manufactured at the JLR sites.
Some small businesses within the wider JLR supply chain rely solely on JLR for contracts.
Simon Chassar, interim COO at cybersecurity firm e2e-assure, noted, “By ‘pulling the plug’ JLR may have saved the amount of effort required by an incident response company to wipe, clean and recover the entire systems affected from backups with minimal data loss. However, it will unfortunately still take weeks to fully restart and to get back to where they were before the cyber-attack but with updated cyber protections and patches to limit a follow-on attack.”
“For other manufacturers this is a wakeup call; cybercriminals are targeting operational resilience in manufacturing for financial gain as they know it is painful to protect and recover from,” Chasser said.
On September 10, JLR confirmed that some data had been affected during the incident, and the firm was informing the relevant regulators.
A cybercriminal group linked to Scattered Spider has claimed responsibility for the incident.
Those claiming responsibility are operating under the moniker Scattered Lapsus$ Hunters, a possible collaboration between Scattered Spider, ShinyHunters and Lapsus$.
Image credit: George Trumpeter / Shutterstock.com