Is JLR in the fight of its life?
It's hard to say. But the short-term repercussions of its recent cyber attack are certainly alarming
Anyone keeping track of the ongoing saga of JLR’s recent cyber attack would be hard pushed not to think the situation is going from bad to worse. Or, as seems likely, the situation probably qualified as the worst possible case scenario from day one, and now we’re simply witnessing the ripples as they radiate out from its two-week-old centre. We cannot be sure because JLR, understandably, and much like the similarly afflicted Marks & Spencer before it, will not discuss the full extent of the damage rendered to its systems, nor commit to a timeline for restoring them. But the scale of the aftermath is becoming abundantly clear.
On the one hand, this stems merely from being forced to stop. Which modern car factories and their intricate supply chains are not equipped to do without severe and almost immediate repercussions. JLR’s production lines - all of them, we’re told - have ceased to function. This is not merely inconvenient and troubling for its workers and financially damaging for the manufacturer itself, but potentially ruinous for its many suppliers. Unite, the UK’s automotive union, says it has already had reports of workers being laid off as a direct result of JLR’s shutdown. On Friday, it urged the government to “act fast and introduce a furlough scheme to ensure that vital jobs and skills are not lost while JLR and its supply chain get back on their feet”.
The implications do not stop there. The jobs of staff directly employed by JLR are not currently at risk, but the wider strain on the company is implicit in the size of the numbers being bandied about. Some have optimistically suggested that paralysis is already costing JLR £5m a day. Should the stoppage last until November— a timeframe suggested by an unidentified Telegraph source - the newspaper calculates that almost 50,000 cars would go unmade. Dealers have reportedly resorted to pen and paper to register sales, but the impact is also affecting existing customers as servicing and repairs are delayed by a lack of spare parts - or else the inability to order them. The consequences of a disrupted supply chain, as former Aston Martin boss Andy Palmer noted last week, can have “many unexpected consequences”.
All this with precious little sign of a light at the end of the tunnel. As you might expect, JLR’s most recent official statement confirmed that it was ‘working around the clock’ to resolve the problem, while also being forced to admit that the personal data of some customers had been compromised. In the meantime, it has reportedly denied telling suppliers that it was targeting a mooted restart in November, yet is unwilling (or unable) to offer an alternative. Much, of course, will depend on the type and severity of the compromise. A company of JLR’s size and importance is certainly the recipient of direct support from the National Cyber Security Centre, and built-in disaster recovery ought to have afforded it some protection— but the same hacking group that breached M&S has already boasted publicly about using a similar flaw in third-party software to gain access to JLR’s internal systems.
Understanding the means of entry is crucial because no restart can credibly occur without the original backdoor being safely closed— otherwise, it would likely be exploited again to the same ends. Even then, JLR faces the enormously complicated job of reintegrating people (and the permissions and credentials they depend upon) with its reassembled software infrastructure. For a company as inherently complex as a large-scale global carmaker, dependent not just on thousands of employees but numerous suppliers and fabricators too, the job of ‘rebuilding’ is fraught with challenges. By way of comparison, it took M&S around three months to fully resume its click-and-collect service. In that time, £1 billion had been wiped from its market value.
If JLR is unlikely to improve upon the time taken to get to that point, it can at least take heart from M&S’s direction of travel. Before its own cyber attack, the retailer was credited with transforming itself from a tired if well-respected institution into a growing business again, thanks to numerous changes made to how it operated and the product lines it sold. This strategy has not faltered in the wake of its attack; its losses at least partially recouped through insurance claims. JLR, newly furnished with its holistic vision of ‘modern luxury’, does not want for cars that people wish to buy, nor the aspirational image required to make them pay over the odds. And while it faced numerous, well-publicised hurdles prior to August 31st, none seemed so troubling as to be insurmountable. Indeed, finding the right kind of solution to many of them (electrification included) was vital to making the firm a more prosperous and ultimately successful place to work. With any luck - and some will surely be required along the way - JLR might eventually look back at the events of this summer in the same light.
Wouldn’t surprise me if the groups were being backed / financed by hostile states.
A really good way to grow Chinese car sales is to shut down domestic production…
When companies like M&S and JLR are brought to their knees like this, it goes beyond simple fraud and crime to almost an attack on the entire UK. Maybe it's time to inflict some physical pain on the attackers, if they can be found..
I do agree that you can stop a major organisation by just one person clicking on an email when they shouldn't - that's quite a sobering thought.
Jaguar, perhaps.
Profit AFTER TAX was £2.6 BILLION. A 15% increase
£7m profit per day. Every day of the year.
It used to be said that a successful company would have a solid "home" market for its bread and butter with exports being jam on the top. Companies like JLR have played the game the opposite way around - totally reliant on exports. Half a sniff of trouble from those export markets and the whole house of cards comes tumbling down. Add to that Rachel Reeves' increase of "employment tax" and it just gets even worse.
When companies like M&S and JLR are brought to their knees like this, it goes beyond simple fraud and crime to almost an attack on the entire UK. Maybe it's time to inflict some physical pain on the attackers, if they can be found..
When companies like M&S and JLR are brought to their knees like this, it goes beyond simple fraud and crime to almost an attack on the entire UK. Maybe it's time to inflict some physical pain on the attackers, if they can be found.
Physical pain? Smacking your kids bum can put you in the judicial system, adding to the long court waiting lists, and someone else getting early release to put you in.
With pretty much a generation of youth lost to social media and not the workforce, the massive rise in personal online scamming, these digital attacks, big business telling us we need to stay indoors and pay for convenience to our door and the Chinese taking over the Automotive market , which they can probably switch off and block our roads at will lol, being cynical.
Anyone else think it is destroying society as most of us of a certain age know it? Helped by a massive rise in the use of the drugs the authorities have gone soft on and big bottles of gas and balloons , the country is skint and fooked.
Wouldn t surprise me if the groups were being backed / financed by hostile states.
A really good way to grow Chinese car sales is to shut down domestic production
Profit AFTER TAX was £2.6 BILLION. A 15% increase
£7m profit per day. Every day of the year.
It used to be said that a successful company would have a solid "home" market for its bread and butter with exports being jam on the top. Companies like JLR have played the game the opposite way around - totally reliant on exports. Half a sniff of trouble from those export markets and the whole house of cards comes tumbling down. Add to that Rachel Reeves' increase of "employment tax" and it just gets even worse.
They could have protected themselves more, as anyone knows who’s been in a ‘modern’ company - risk registers abound and are managed by well paid white collar workers. This will have been risk NUMBER 1 - and all the execs would have convinced themselves that they were ‘completely safe’… turns out that the lack of will to deal with the REAL risks to the business are oh so easily powerpointed away…
So talk of ‘lost money’ is only in the context of money they should have spent before - but chose not to - and decided to have their profits: bigger and earlier, so now, the inevitable will happen: Costs cut, workers impacted etc, I expect the execs will get a bonus for how well they handled the situation their leadership created in the next bonus cycle…
In a minute we will be giving them a bail out - just like the banks (remember that debacle? Now you get asked where your £250 cash deposit came from as a result of that episode) & covid self inflicted financial harms, nothing new in this story, nothing at all…
t.I am very suprised, we tend to drop onto short time working fairly regularly, dictacted by the markets and global events. Earlier in the year with Trumps tarrifs we dropped onto a 4 day week, and we had the last week in July and first week in August as unpaid shutdown due to the market being slow.
I am expecting similar in the coming weeks.
If JLR can't pay them and enough of them go to the wall while this just sorted out, will there be a viable supply base to support a restarting of production?
I was reading about this issue and it is that - rather than the JLR hit directly - that made me wonder if there is a hostile power behind all this. After all, it is severely testing the resilience of what is left of the UK's industrial capacity.
Gassing Station | General Gassing | Top of Page | What's New | My Stuff