CISOs should fortify help desk and employee defenses, enhance intrusion detection and tracking capabilities, and recognize that paying ransoms is not a viable strategy.

The UK’s Marks & Spencer suffered a cyberattack in late April that damaged the high-end retailer’s operations and is expected to cost the company over $400 million.

That attack was quickly followed by similar incidents that struck two other iconic British retailers, Harrods and the Co-op, sparking widespread press coverage and fueling consumer fears across the UK as shelves ran empty and online ordering ceased.

All three incidents have been attributed to a loose collective of young, native English-speaking hackers called Scattered Spider, also known as UNC3944, Starfraud, Scatter Swine, Muddled Libra, Octo Tempest, and 0katpus...