Two high street giants, two cyberattacks, two very different outcomes. A fortnight on from declaring its systems were breached, Co-op is ready to complete its recovery. The company announced yesterday that shelves should return to normal stock levels by the end of the weekend after reopening its online ordering system for suppliers.
For Marks & Spencer, however, the nightmare continues. Three weeks on from its own cyberattack, the company remains crippled by operational paralysis. Online orders are still suspended, stores are struggling with payment issues, and empty shelves continue to plague customers.
These two incidents were launched by the same hacking collective deploying the same method of attack. The difference in outcome comes down to one fundamental difference: ransomware.
Why is ransomware so disruptive?
Ransomware is one of the most damaging forms of cyberattack. Once inside a company’s network, hackers encrypt critical files and systems, making them completely inaccessible. But the ransom is just part of the problem.
Before launching the encryption stage, attackers often spend days or weeks inside the victim’s systems, quietly stealing sensitive data that can then be leaked, sold, or used as further leverage. This is what happened to M&S. As Co-op’s recovery shows, stopping an attack mid-flow can be the difference between disruption and complete disaster.
How did Co-op avoid ransomware?
According to the hackers themselves, their attempt to install ransomware on Co-op’s systems failed because the company’s IT team discovered the attack in the nick of time and took its systems offline. This decision caused the short-term pain of losing access to its logistical functions but prevented the company from being completely locked out of its systems.
By contrast, M&S reportedly failed to prevent the hackers from deploying ransomware – an oversight that is costing the company an estimated £43 million per week. The company has also admitted that personal customer data was stolen in the hack, including telephone numbers, home addresses, and dates of birth.
How Redstor keeps businesses in control of their data
Redstor’s backup and recovery solutions help businesses maintain business continuity, even in the face of a ransomware attack. Here’s how:
Ransomware-resilient backups
Redstor uses immutable, air-gapped backups to ensure that data can’t be encrypted or deleted by malicious actors. If ransomware strikes, backups remain untouched and ready for when you most need them.
Instant recovery
With InstantData™, you can stream files on demand while full recovery continues in the background. That means you can get back to business in minutes, not days or weeks. With every second of downtime costing companies revenue and their reputation, this is a game-changer.
Malware detection and isolation
Redstor’s malware detection scans your backups for signs of infection before recovery, helping you avoid reintroducing threats during the restore process. In Co-op’s case, acting early stopped ransomware from taking hold. M&S was unable to do the same. With Redstor, you’re equipped to recover regardless.
Unified protection for hybrid environments
Whether you operate in the cloud, on-prem, or in a hybrid setup, Redstor protects all your critical workloads through one single platform, from Microsoft 365 and Google Workspace to servers and endpoints.
Always-on compliance and reporting
Transparency is key to recovering trust. With built-in compliance tools and detailed reporting, Redstor helps you demonstrate your cyber resilience and reassure stakeholders, customers, and regulators alike.
Proactive protection
Co-op made a difficult but ultimately effective choice. By disrupting its own operations, the company was able to avoid the worst-case scenario of being held to ransom. But no business should have to choose between prolonged downtime and total data loss.
With Redstor, you don’t have to. Our platform ensures any organisation can respond decisively, recover quickly, and stay operational – even in the face of a full-scale ransomware attack.
The Co-op and M&S incidents have proven once again that no security posture is impenetrable. With major businesses facing hundreds of attempted cyberattacks per day, the question isn’t if a breach will occur, but when. Put your ransomware fears to rest permanently by getting in touch today.