The cyber attack on Jaguar Land Rover is estimated to have cost the UK at least £1.9 billion in what is likely to be “the most economically damaging cyber event” for the country.
The month-long shutdown of internal systems and production at JLR affected over 5,000 British organisations, according to an analysis by Cyber Monitoring Centre, a non-profit organization that ranks the severity of cyber events in the UK.
“This incident looks to have been by some distance, the single most financially damaging cyber event ever to hit the UK,” said Ciaran Martin, former head of the National Cyber Security Centre and chair of CMC’s technical committee.
JLR, which is owned by India’s Tata Motors, only recently restarted partial production of its vehicles in the UK following a shutdown since the August 31 attack.
The severe impact on JLR’s suppliers prompted the UK government to intervene with a £1.5 billion loan guarantee to make it easier for the carmaker to access credit.
CMC mainly attributes the financial cost to the fall in vehicle sales and lower profits caused by the production halt, the costs to address the incident, and the impact on its supply chain and other local businesses.
Its estimate is also based on the assumption that JLR would not be able to fully restore its production until January and that the attackers did not infiltrate its so-called “operational technology,” which if they had, would take longer to resolve.
There has been a spate of ransomware attacks on UK companies and organizations in recent years, including retailers Marks and Spencer and Co-op, in addition to NHS England.