A laptop with a small supermarket trolley sat on the keys and two small cardboard boxes with images of trolleys on them

Image: Getty.

Why hasn’t the M&S cyber attack chaos been resolved yet? We asked a cyber security expert

More than a week has passed since Marks & Spencer (M&S), one of the UK’s most recognisable retailers, was hit by a major cyber attack.

Professor Oli Buckley

Professor Oli Buckley.

As the disruption continues, journalists and the public are starting to question why it’s taking so long to resolve the issues caused by the attack.

To help shed light on the challenges involved, we spoke with Professor Oli Buckley, a cyber security expert at Loughborough University.

"Marks & Spencer isn’t just facing a small hiccup with one of their systems, they’ve been hit by the full force of a ransomware attack. Sadly, they don’t usually come with quick fixes", said Professor Buckley.

"It’s a really stark illustration of how the real-world is underpinned by the digital domain, and if something is damaged digitally it can have knock on effects in reality.

"It seems like the DragonForce ransomware is at the root of the attack, with most experts pointing the finger at Scattered Spider. They are a loose network of hackers, known for bold and damaging attacks such as the attacks that targeted MGM Las Vegas.

"When ransomware hits, it's like setting off a digital bomb: data gets encrypted, systems go dark, and recovery means rebuilding safely from the ground up, not just turning things back on.

"M&S is currently working around the clock, but even the best-prepared organisation can’t bounce back from this in a few days. Backups take time to restore. Every corner of the system needs to be checked and cleaned, and when dealing with criminals, there's no quick or trustworthy shortcut.

"They are staying tight-lipped, but it’s clear this has cost millions in lost sales and meant that confidence has taken a hit. Still, they’re handling it well and doing all of the right things. Being hit by an attack like this isn’t a sign of inherent weakness and the response is the crucial bit and so far it seems like they’re doing everything right. Cautiously, but right.

"This is a reminder of how disruptive ransomware can be. But it’s also a case study in how to face it with focus and resilience."

To arrange an interview with Professor Oli Buckley, email the Public Relations team or call 01509 222224.

Notes for editors

Press release reference number: 25/65

Loughborough is one of the country’s leading universities, with an international reputation for research that matters, excellence in teaching, strong links with industry, and unrivalled achievement in sport and its underpinning academic disciplines. 

It has been awarded five stars in the independent QS Stars university rating scheme and named the best university in the world for sports-related subjects in the 2025 QS World University Rankings – the ninth year running. 

Loughborough is ranked 6th in The UK Complete University Guide 2025, 10th in the Guardian University League Table 2025 and 10th in the Times and Sunday Times Good University Guide 2025.  

Loughborough was also named University of the Year for Sport in the Times and Sunday Times Good University Guide 2025 - the fourth time it has been awarded the prestigious title.  

Loughborough is consistently ranked in the top twenty of UK universities in the Times Higher Education’s ‘table of tables’, and in the Research Excellence Framework (REF) 2021 over 90% of its research was rated as ‘world-leading’ or ‘internationally-excellent’. In recognition of its contribution to the sector, Loughborough has been awarded seven Queen's Anniversary Prizes. 

The Loughborough University London campus is based on the Queen Elizabeth Olympic Park and offers postgraduate and executive-level education, as well as research and enterprise opportunities. It is home to influential thought leaders, pioneering researchers and creative innovators who provide students with the highest quality of teaching and the very latest in modern thinking. 

Categories

Expert commentTechnologyWar and security