Russia may have been behind JLR cyber attack, claims Telegraph

The massive cyber attack that crippled Jaguar Land Rover’s (JLR) global production for over a month is being actively investigated for potential links to the Russian state, according to The Telegraph.

The sheer scale of the attack and the resulting economic damage have reportedly raised suspicions among intelligence officials that the hackers may have been acting on behalf of the Kremlin.

Sources indicate that the possibility of Russian state involvement is a major, active line of enquiry, though no final assessment has been made. This follows long-standing warnings from spy chiefs that Russian President Vladimir Putin has been targeting the UK with disruptive cyber operations.

The breach, detected on the last day of August, knocked out all 800 of JLR’s computer systems, forcing an immediate halt to manufacturing operations at factories across the UK, Brazil, Slovakia, and India.

The severity of the incident led the government to underwrite a £1.5 billion loan guarantee to protect JLR and its vast network of smaller suppliers. Outside experts have noted that the hack does not appear to be a typical “ransomware” attack, which commonly involves a demand for payment.

Teams of experts from GCHQ’s National Cyber Security Centre (NCSC) have been deployed to assist the automaker, working to restore systems and determine the origin of the attack.

In recent weeks, Chancellor Rachel Reeves has publicly stated that hostile states, including Russia, have been involved in cyber attacks on the UK, though she did not name specific cases.

James Cartlidge, the shadow defence secretary, called the potential link “very significant indeed,” adding that it “underlines why all the effort in Government needs to be on the defence of the homeland.”

JLR operations at the Range Rover production lines in Solihull finally restarted just last week. However, the investigation into the hack continues, with the government cautioning against speculation while the NCSC and National Crime Agency lead the probe. The incident occurred amid a wider spate of cyber attacks targeting major British businesses.