12 May 2025

What Every Business Should Learn from the M&S Cyber Attack Before It's Too Late

The recent cyber attacks on M&S, Co-op, and Harrods should be setting off alarm bells in boardrooms across the country. Not the gentle, polite "reminder to update your password" kind of bells – but the urgent kind that demand a proper cup of tea and your full attention.

For many IT professionals watching these household names struggle to regain control of their systems, there's a certain detachment – a "that's unfortunate, but it won't happen to us" mentality that feels increasingly optimistic, given that it's still less than a year since CrowdStrike reminded us of the perils of complacency.

M&S is losing millions daily as their operations remain crippled, with one retail expert approximating a loss of as much as £3.2m a day. The Co-op has confirmed hackers accessed millions of customers' personal details.

And meanwhile, CIOs everywhere are quietly hoping their cyber-resilience plans are more comprehensive and robust than they might actually be.

From Theory to Terrifying Reality

What makes these attacks particularly uncomfortable to watch is how quickly they transform from hypothetical risk discussions, in many cases dismissed as "impossible", into all-hands-on-deck realities. We've seen time and again how IT has focused on prevention in its cyber-security measures, rather than on cure via robust cyber-resilience plans.

Cabinet Minister Pat McFadden was rather direct at the recent CyberUK conference: "Cyber-attacks are not a game. Not a clever exercise. They are serious organised crime."

"What we have seen over the past couple of weeks should serve as a wake-up call for businesses and organisations up and down the UK, as if we needed one, that cyber-resilience is not a luxury but an absolute necessity." – and for companies still postponing proper data recovery investment, that call is getting increasingly difficult to hit snooze on.

Your Recovery Plan Meets Reality

Here's where we separate disaster recovery theory from practice: your ability to bounce back isn't about how sophisticated your prevention measures were. It's about how quickly and completely you can recover your systems and data.

Would your organisation be able to restore critical systems within hours? Or would you be looking at days – possibly weeks – of digital paralysis while watching your competitors continue to serve customers?

Every organisation must have backup systems – period. The real questions are:

  1. Are your backups themselves protected from the same threats targeting your primary systems?
  2. Are you air-gapping critical infrastructure – physically disconnecting a network or computer from all external connections – so that it is physically inaccessible to malevolent actors?
  3. Can you actually restore from backup media quickly when things go wrong? When under attack, will you be physically capable of accessing huge cloud backups in order to restore them? Or should you also keep copies in local, more accessible locations (encrypted, of course)?
  4. Have you properly tested your full recovery process under realistic conditions?

Unfortunately, many organisations, like M&S and CrowdStrike's customers, discover the answers to these questions only once disaster has already struck.

The Real Cost of "Good Enough" Recovery Plans

Let's acknowledge a common business reality: disaster recovery budgets, and cyber-resilience budgets in particular, often get trimmed because they're seen as insurance for events that "probably won't happen." The mistaken belief that a "bullet-proof" cyber-security strategy is the best approach has been laid bare all too often in the last couple of years. Those budget decisions look rather different now, as we watch the M&S scenario unfold with its seven-figure daily losses.

This "Titanic" mindset leads to predictable vulnerabilities:

  • Backups that aren't tested regularly
  • Recovery processes that exist in theory but not in practice
  • Protection systems vulnerable to the same attacks they're meant to safeguard against
  • Training that's treated as a one-time exercise rather than an ongoing commitment

The business impact extends far beyond immediate financial losses. There's the reputational damage, the lost customer trust, and the competitive disadvantage while you're struggling to get back on your feet. Those customers you disappoint today might be shopping with your competitors tomorrow.

And this isn’t the first time we've seen this happen. The 160-year-old haulage firm Knights of Old collapsed in 2023 after hackers corrupted critical data, despite having what they believed were strong protections. "We felt we were in a very good place in terms of our security," admitted former director Paul Abbott. In the end, the 730-employee company was forced into administration. While companies like M&S have greater resources to recover, smaller businesses face existential threats. This reality highlights why every organisation needs not just prevention, but a reliable backup and recovery strategy as their final line of defence.

Building Cyber Resilience

If there's a silver lining to watching these cyber-attacks unfold, it's that they provide a chance to honestly assess your organisation's recovery readiness before you're the one making headlines.

The path forward isn't just about buying better technology; it's about fundamentally changing how your business thinks about recovery:

  1. Treat backup and recovery as business continuity, not IT maintenance: This isn't about compliance; it's about operational resilience.
  2. Test your recovery processes regularly: Don't just verify backups exist – simulate full recovery scenarios that mirror real-world conditions.
  3. Protect your safety net: Ensure your backup systems are themselves hardened against the very attacks they're designed to recover from.
  4. Plan for the worst: Have clear, practiced procedures for situations where primary systems are completely compromised.
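As an added illustration (not Macrium's code and not part of the original post) of questions 1, 3 and 4 earlier and of steps 2 and 3 in this list: a small Python restore drill that keeps a SHA-256 manifest of the backup set on the offline side, performs a timed test restore into a scratch directory, checks the restored files against that manifest, and shows how a backup copy that has been overwritten is caught. The sample backup files, the tampering step and the RTO target are all constructed for the example.

```python
import hashlib, shutil, tempfile, time
from pathlib import Path

def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(backup_dir: Path) -> dict:
    """Digest every file in the backup set; keep this manifest on the offline side."""
    return {str(p.relative_to(backup_dir)): sha256_file(p)
            for p in sorted(backup_dir.rglob("*")) if p.is_file()}

def verify_backup(backup_dir: Path, manifest: dict) -> list:
    """Paths whose digest differs from the manifest, or which are missing entirely."""
    return [rel for rel, digest in manifest.items()
            if not (backup_dir / rel).is_file() or sha256_file(backup_dir / rel) != digest]

def restore_drill(backup_dir: Path, manifest: dict, rto_seconds: float) -> dict:
    """Timed full restore into a scratch location, checked against the offline manifest."""
    start = time.monotonic()
    target = Path(tempfile.mkdtemp(prefix="restore-drill-"))
    shutil.copytree(backup_dir, target, dirs_exist_ok=True)
    mismatched = verify_backup(target, manifest)
    elapsed = time.monotonic() - start
    shutil.rmtree(target)
    return {"ok": not mismatched, "mismatched": mismatched,
            "elapsed_s": round(elapsed, 3), "within_rto": elapsed <= rto_seconds}

def make_sample_backup() -> Path:
    """Constructed sample backup set, not real data."""
    root = Path(tempfile.mkdtemp(prefix="backup-"))
    (root / "db").mkdir()
    (root / "db" / "orders.sql").write_text("INSERT INTO orders VALUES (1, 'widget');\n")
    (root / "config.ini").write_text("[app]\nmode=prod\n")
    return root

def simulate_tampering(backup_dir: Path, rel: str) -> None:
    """Overwrite one backup file with junk, as malware reaching the backup share would."""
    (backup_dir / rel).write_bytes(b"\x00ENCRYPTED\x00" * 8)

if __name__ == "__main__":
    backup = make_sample_backup()
    manifest = build_manifest(backup)  # taken before the copy goes anywhere online
    print("clean drill:", restore_drill(backup, manifest, rto_seconds=60))
    simulate_tampering(backup, "db/orders.sql")
    print("after tampering:", verify_backup(backup, manifest))
    shutil.rmtree(backup)
```

A manifest stored alongside the backup on the same share gives no protection, because whatever overwrites the backup can overwrite the manifest too; the check only means something when the digests live where the attacker cannot reach them.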

At Macrium, we've heard first-hand from our business customers the difference between organisations that weather cyber-attacks and those that suffer catastrophic damage. That difference isn't luck – it's preparation. The right backup and recovery infrastructure doesn't just store your data; it gives you a clear path back to operational normality when everything goes wrong.

It's Not If, It's When

As we watch these high-profile attacks unfold, every IT leader should be asking not "Could this happen to us?" but "When this happens to us, how quickly can we recover?"

Because while cyber-attacks may be inevitable, extended downtime and data loss don't have to be. The right recovery solution transforms a potential business-ending disaster into a manageable disruption – costly and challenging, certainly, but survivable.

And in a world where digital resilience is increasingly becoming a competitive advantage, "survivable" might just be the most important word in your business vocabulary.

_Want to strengthen your business resilience against cyber threats? Our team of specialists can help you assess and improve your disaster recovery capabilities. Speak to our team about creating a recovery strategy that works when you need it most._
