惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

AI
AI
G
Google Developers Blog
T
Tailwind CSS Blog
大猫的无限游戏
大猫的无限游戏
量子位
月光博客
月光博客
美团技术团队
阮一峰的网络日志
阮一峰的网络日志
罗磊的独立博客
T
The Exploit Database - CXSecurity.com
C
CXSECURITY Database RSS Feed - CXSecurity.com
Latest news
Latest news
P
Privacy International News Feed
www.infosecurity-magazine.com
www.infosecurity-magazine.com
WordPress大学
WordPress大学
博客园 - 三生石上(FineUI控件)
TaoSecurity Blog
TaoSecurity Blog
Hacker News: Ask HN
Hacker News: Ask HN
Hugging Face - Blog
Hugging Face - Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
C
Cisco Blogs
Project Zero
Project Zero
Security Latest
Security Latest
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
人人都是产品经理
人人都是产品经理
Scott Helme
Scott Helme
S
Securelist
有赞技术团队
有赞技术团队
T
Threat Research - Cisco Blogs
N
News | PayPal Newsroom
博客园 - 聂微东
小众软件
小众软件
S
SegmentFault 最新的问题
D
Darknet – Hacking Tools, Hacker News & Cyber Security
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
P
Privacy & Cybersecurity Law Blog
博客园 - Franky
Cyberwarzone
Cyberwarzone
Cisco Talos Blog
Cisco Talos Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Spread Privacy
Spread Privacy
A
Arctic Wolf
S
Security @ Cisco Blogs
The Hacker News
The Hacker News
腾讯CDC
博客园 - 【当耐特】
T
Troy Hunt's Blog
NISL@THU
NISL@THU
爱范儿
爱范儿

The Register - Security: CSO

Anthropic's Mythos has The Kettle crew curious, skeptical 'People's Panel' to check if UK wants controversial Digital ID will cost £630K Top npm package backdoored to drop dirty RAT on dev machines Lightning-fast exploits mean patch fast, says Cisco Talos Lightning-fast exploits mean patch fast, says Cisco Talos Smooth criminals talking their way into cloud environments, Google says Cybercrime up 245% since the start of the Iran war Scattered Lapsus$ Hunters seeks women to defraud helpdesks Every day in every way, passwords are getting worse CISA quietly updated ransomware flags on 59 flaws last year Deepfake job seeker applied to work for an AI security firm Deepfake job seeker applied to work for an AI security firm AI-powered cyberattack kits are 'just a matter of time' AI-powered cyberattack kits are 'just a matter of time' FortiGate SSO bug still exploitable despite December patch FortiGate SSO bug still exploitable despite December patch Judge tosses CrowdStrike shareholder suit over 2024 outage DRAM shortage may drive firewall prices higher: analysts Ransomware attacks kept climbing in 2025 as gangs refused to stay dead Around 1,000 systems compromised in ransomware attack on Romanian water agency 1,000 systems pwned in Romanian Waters ransomware attack Half of exposed React servers remain unpatched amid attacks CISA warns spyware crews are breaking into Signal and WhatsApp accounts FCC guts Salt Typhoon telco rules despite espionage risk CISA orders feds to patch Oracle Identity Manager zero-day SEC drops SolarWinds lawsuit that painted a target on CISOs everywhere SEC bails on SolarWinds lawsuit Palo Alto kit sees massive surge in malicious activity amid mystery traffic flood Palo Alto kit sees massive surge in malicious activity Countries use cyber targeting to plan strikes: Amazon CSO Overconfidence is the new zero-day as teams stumble through cyber simulations UK's Cyber Security and Resilience Bill makes Parliamentary debut Cyber insurers paid out over twice as much for UK ransomware attacks last year Cyberpunks mess with Canada's water, energy, and farm systems Trump's workforce cuts blamed as America's cyber edge dulls Feds flag active exploitation of patched Windows SMB vuln How malware vaccines could stop ransomware's rampage Salesforce refuses to pay ransomware crims' extortion demand Germany slams brakes on EU's Chat Control snoopfest Germany slams brakes on EU's Chat Control snoopfest Employees regularly paste company secrets into ChatGPT Oracle tells Clop-targeted EBS users to apply July patch Red Hat repos raided, claims cybercrew, files stolen Suspected Chinese spies broke into 'numerous' enterprises UK gov acknowledges 'strong case' for JLR financial support UK chancellor blames cyberattacks on Russia despite evidence Fortra discloses 10/10 severity bug in GoAnywhere MFT Entra ID bug could have granted access to every tenant UEFI Secure Boot for Linux Arm64 – where do we stand? JLR says cyber cleanup to take additional week Insider blamed for FinWise data breach affecting nearly 700K Nork snoops whip up fake military ID with help from ChatGPT UK government dragged for incomplete security reforms Church of England abuse victims exposed by lawyer's email US spy chief claims UK backdown on Apple backdoor demand Workday confirms CRM breach via social engineering Black Hat/DEF CON: AI more useful for defense than hacking Ex-White House cyber guru talks Microsoft security fails CISA releases malware analysis for Sharepoint Server attack China: US spies used Microsoft Exchange 0-day to steal info Security pros drowning in threat-intel data Identity attacks surge 156% as phishermen get craftier Organizations can’t keep up with supply chain security musts Amazon CISO: Iranian hacking crews ‘on high alert’ UK data watchdog fines 23andMe £2.3M over 2023 breach Employers are demanding too much from junior cyber recruits FCA warned four staffers who pocketed regulator data Ransomware just wrecked your network – now what? Ivanti RCE attacks 'ongoing,' exploitation hits clouds Ex-NSA listened to Scattered Spider's calls: 'They're good' Snowflake CISO talks lessons learned from breaches, improv Why CVSS is failing us and what we can do about it Infosec pros still aren't nailing the basics of AI security Ransomware crims targeting systems between IT and operations Why aggregating asset inventory leads to better security NCSC and industry at odds over how to tackle shoddy software Powerschool extortionists may not have deleted stolen data CrowdStrike trims workforce by 5 percent, aims to rely on AI NSO Group must pay Meta $168M in WhatsApp spy case Ghost in the shell script: Boffins seek code correctness How Intruder finds what others miss in cloud security Linux malware can avoid syscall-based endpoint protection Infosec pro blabs about alleged malware mishap on LinkedIn The future of AI in cybersecurity in a word – optimistic CVE board 'kept in the dark' on funding, members say Security snafus caused by third parties up from 15% to 30% Blue Shield shared 4.7M people's health info with Google Ads Who needs phishing when your login's already in the wild? US cyber defenses are being dismantled from the inside Bug hunter obtains an SSL cert for Alibaba Cloud in 5 steps
JLR extends shutdown – again – as toll on workers laid bare
Connor Jones Connor Jones · 2025-09-23 · via The Register - Security: CSO

Jaguar Land Rover is extending the shutdown of its production plants another week in a move that experts say could cost the business in the multiple billions.

The luxury carmaker confirmed today that it will not be building cars again until at least October 1, at which time major production sites at Solihull and Halewood will have been idle for a month.

JLR said in an announcement: "We have made this decision to give clarity for the coming week as we build the timeline for the phased restart of our operations and continue our investigation.

"Our teams continue to work around the clock alongside cybersecurity specialists, the NCSC, and law enforcement to ensure we restart in a safe and secure manner.

"Our focus remains on supporting our customers, suppliers, colleagues, and our retailers, who remain open. We fully recognise this is a difficult time for all connected with JLR and we thank everyone for their continued support and patience."

David Bailey, professor of business economics at the University of Birmingham, told BBC West Midlands Radio that by the earliest suspected restart date, JLR could be losing out on around £2.2 billion ($2.9 billion) in revenue and £150 million ($202 million) in profits.

"It's one of the worst crises the company has ever faced," he said. "We've seen it get through the global financial crisis, through Covid, through the semiconductor crisis, but we've not had anything like this before, where the company has not made any cars for a month. 

"There's almost the assumption in much of the national media that we don't make anything anymore. We do, and workers on Merseyside and the West Midlands make fantastic cars which are sold all over the world. Formally, manufacturing might only account for 10 percent of our economy, but in reality, the impact of all of that in terms of services that are linked to it in terms of financial services, accountants, lawyers, marketing, but also right down to bacon butties, the impact of that is much, much bigger."

Reports also emerged today that JLR may not have adequate cyber insurance to cover the costs associated with the attack and production shutdown.

Insiders told The Insurer that the company had allegedly failed to finalize an insurance policy before the attack took place. If confirmed, it's a factor that could exacerbate the company's financial outlay.

The UK's business secretary, Peter Kyle, is due to meet representatives from JLR and various companies in its supply chain today to gain a greater understanding of the peril that hundreds of thousands of workers are facing.

Calls for a Covid-esque support package for JLR and its supply chain came last week, with Sharon Graham, general secretary at automotive workers' union Unite, saying: "The government needs to defend jobs when our industries are under attack."

Bailey told the BBC this morning:

"I don't think listening is enough anymore. The Department of Business and Trade said it has been monitoring the situation – great – but I really think we're at the point where they need to be putting in place some sort of emergency support because JLR is now saying [they're going to restart on] October 1… there's no guarantee that they're going to restart on October 1. Businesses are running out of money."

She added: "The problem is, if companies go under, that's going to be workers who won't be employed, won't be paying their taxes – one way or another, there's going to be a financial hit for the government. Either they put up the up-front support to keep companies going so the supply chain can be reactivated and JLR can get going again, or they're going to pick up redundancy benefits and unemployment benefits."

With redundancies already being made at JLR suppliers, the type of which are expected to continue the longer the disruption goes on, experts said a failure to support JLR's supply chain could be ruinous for the company, even when production can begin again.

Des Quinn, Unite's national automotive officer, said that supply chain workers are the union's biggest concern, since that's where most of the layoffs thus far have taken place.

Agency workers may go back and get another assignment, they may not, but even if they do, it is unlikely to be on the same wage. 

Some are on reduced earnings due to their layoff agreements, some are on half pay or less, and some are facing the limit of what their employers are prepared to pay them this week. 

Unite continues to encourage the government to establish support for these people, because JLR's restart hinges on supply chain staff having jobs.

The main areas of focus for the attack are JLR's two main production plants – one in Solihull, near Birmingham, which employs around 9,000 workers across the circa 300-acre facility, which has its own bus service to transport workers to other areas of the site. 

The other is in Halewood, in south Liverpool, which employs roughly 3,000 workers and has been in operation since 1963.

However, there is estimated to be at least 100,000 additional workers – possibly more – across JLR's deep supply chain, who are likely to be affected in some way. The disruption also extends to local communities and small businesses, such as cafes and pubs, that serve the workers during the course of their normal workday.

Human impact

The owner of Solihull's Silly Sausage cafe told the BBC that they usually receive bulk orders on a Friday from JLR, and it accounts for 10 percent of the cafe's business, although the orders have stopped as a result of the cyberattack.

This then has a knock-on effect on other small businesses, such as bakeries that supply the bread and butcher shops that supply the cafe's meat.

Pup and Duckling pub dwellers, Tess and Paul, whose son works for JLR, are concerned about the workers' welfare while production is halted.

"He's just on flat rate, he's just moved into his new place, and I think he's going to feel the pinch," said Tess. "It's just awful for them."

Paul added: "They tend to rely on overtime – Saturdays and Sundays – and the shift allowance… so, they're getting flat rate at the moment, but they'll have to pay back any overtime that they've had over a period of months and years, even, but I think [JLR is] doing a great job, they can't do anything better for their employees.

"[Our son] believes that they're going to go back mid-October, November. Hopefully it's not November because he's going to have problems."

Carol, from Old Swan in Liverpool, told the broadcaster that her husband has worked at the Halewood plant for more than 10 years, and is one of the lucky few still working as his role is in maintenance, but he's always waiting for the call instructing him to stay home. 

One of the main reasons for this is that JLR can't order any parts, as the computers that are used to do so remain inaccessible.

"It's very uncertain what's going to happen; it's a terrible time, to be honest," she said. "If my husband does get made redundant, how long will JLR pay the people? 

"We keep on getting told dates – the last date was the 24th, but now they're talking about January. Now, we're terrified of spending money; we're just worried about bills and Christmas."

The attackers

While formal attribution is yet to be made, it is widely believed that the attack is the work of the group known as Scattered Lapsus$ Hunters – a collaborative effort by certain members of the three individual congregations of teenage cybercriminals Scattred Spider, Lapsus$, and Shiny Hunters.

Steve Rotheram, mayor of the Liverpool city region, described those behind the attack as "absolute monsters," who "don't realize the impact they're having not just on the company, but on the workforce."

He added: "Anything that endangers things like production at Halewood, Speke, in that area, is something of major concern to us. So, we are looking at doing everything we can, and the government have offered their full support to JLR."

It seems Rotheram is not a regular reader of The Reg, because he would know that in most cases the criminals behind these attacks are fully aware of the potential – sometimes deadly – impacts of their attacks.

He also made the same mistake as chancellor of the exchequer Rachel Reeves in falsely attributing the attacks on major UK organizations to those with government backing. ®