A Cyber Crisis: Will the UK Government Save Jaguar Land Rover's Suppliers?

After a cyber-attack forced Jaguar Land Rover (JLR) to suspend its production, the UK government is contemplating measures to protect the carmaker’s vulnerable suppliers. The attack, which occurred at the end of August, led JLR to shut down its IT systems, with production halted until at least the beginning of October. As fears mount about the potential collapse of smaller suppliers who rely heavily on JLR, the government is looking into purchasing car parts directly from these firms to keep them afloat during the crisis.

However, suppliers have expressed skepticism about this proposed solution, arguing that the government does not fully grasp the complexities of the automotive supply chain. One anonymous supplier lamented, “We don’t need promises, we need help.” Chancellor Rachel Reeves stated the government aims to support JLR and its supply chain as they work to resume operations.

Currently, JLR typically produces around 1,000 cars a day from its three main facilities in the West Midlands and Merseyside, employing 30,000 workers directly and impacting around 100,000 in related industries, including cafes and transport providers. The disruption caused by the cyber incident is estimated to be costing JLR about £50 million a week.

While options such as government-backed loans for suppliers and potentially a Covid-style furlough scheme were discussed, the government seems to prefer direct intervention by stockpiling parts, despite logistical challenges and supplier reluctance. An investigation into the cyber-attack, which has also affected JLR’s international operations in Slovakia and China, is ongoing.

The incident raises concerns about increasing cyber threats to UK businesses, as evidenced by similar attacks on companies like Marks & Spencer and the Co-op. Notably, a group called Scattered Lapsus$ Hunters has claimed responsibility for the recent hack on JLR.

As the situation unfolds, the Business and Trade Select Committee is gathering evidence from affected suppliers to share with lawmakers, underscoring the urgent need for a comprehensive response to this growing cyber risk.