Jaguar Land Rover claimed the security of its computer systems was “transformed” and on a “positive trajectory” just months before a devastating cyberattack crippled Britain’s biggest carmaker, The Mail on Sunday can reveal.
The firm is now facing billions of pounds in losses after hackers broke into its IT network at the end of August. The breach forced Jaguar Land Rover to shut its three factories located in Solihull and Wolverhampton in the West Midlands, and Halewood in Merseyside. These sites are expected to remain closed until at least Wednesday, but there are fears the production shutdown could last much longer, increasing pressure on Jaguar Land Rover’s extensive network of suppliers.
Ministers have been scrambling over the weekend to pull together a rescue package. However, the support plan stops short of a Covid-style furlough scheme designed to pay workers to stay at home.
Jaguar Land Rover’s three factories produce about 1,000 cars a day and directly employ 30,000 people. Additionally, another 200,000 workers in the just-in-time supply chain depend on the carmaker for their jobs.
Experts estimate that Jaguar Land Rover is burning through up to £1 billion in cash every month due to the disruption. Compounding the crisis, the firm had not taken out cyber insurance to protect itself from hacker attacks, leaving it liable for all losses and associated costs stemming from the attack.
Despite the recent attack, the Indian-owned company had been increasingly confident about its cybersecurity. Its latest accounts, signed off in May, painted an improving picture of its information security systems, describing them as being on a “positive trajectory.”
“We are on the right path with the necessary momentum and investment to systematically reduce risks while enhancing cyber readiness and resilience,” stated the principal risks section of the report. It also added, “IT operations are being transformed.”
Jaguar Land Rover’s IT services are outsourced under an £800 million, five-year deal to Tata Consultancy Services (TCS), which, like Jaguar Land Rover, is part of the Tata business empire. TCS also provides IT services to Marks & Spencer and the Co-op, two retailers that were hit by costly cyber attacks earlier this year, each losing hundreds of millions of pounds.
Financially, Jaguar Land Rover is highly profitable with deep pockets. The company made £2.5 billion in pre-tax profit last year and, as of the end of June, had £5 billion in liquidity — comprising £3.3 billion in cash and a £1.7 billion loan facility.
“This is a pretty solid liquidity position,” said David Bailey, professor of business economics at Birmingham Business School. “JLR will get through this.”
However, Bailey warned that without Tata’s continued support, Jaguar Land Rover could have as little as three to four months left before running out of cash if the disruption continues. The company has already manually paid £300 million to suppliers in recent days to keep them operational.
“JLR is facing its biggest crisis ever and is doing its bit to keep suppliers going,” Bailey said.
Tata Consultancy Services told MPs this week that it was “premature to provide a definitive” assessment of the financial impact but added that the company was in a “good position” to secure extra borrowing if needed.
Hopes that the worst of the cyberattack may be behind them were raised last week when Jaguar Land Rover announced that some of its systems were back online. The company said it was “working to clear a backlog of payments” to suppliers as it increased its processing capacity for invoicing.
Bailey added, “Tata Consultancy Services clearly has some very big questions to answer as to how JLR was left so vulnerable. This has become the biggest crisis in JLR’s history and has required a massive effort by all involved at the firm to get through this. There needs to be a deep-dive, root-cause analysis of how this happened and how to avoid it in the future.”
Tata Consultancy Services was contacted for comment.
While car production remains on hold, a spokesperson for Jaguar Land Rover said:
“Our teams are working around the clock, alongside cybersecurity specialists, the National Cyber Security Centre and law enforcement to investigate the cyber incident. The foundational work of our recovery programme is firmly under way and we thank everyone connected with JLR for their continued support and patience.”
https://www.thisismoney.co.uk/money/markets/article-15139497/Jaguar-Land-Rover-systems-boast-just-months-hack.html?ns_mchannel=rss&ns_campaign=1490&ito=1490
