Jaguar Land Rover Hack 'Has Cost 30,000 Cars and Threatens Supply Chain' (thetimes.com)
- Reference: 0179505976
- News link: https://it.slashdot.org/story/25/09/24/0344223/jaguar-land-rover-hack-has-cost-30000-cars-and-threatens-supply-chain
- Source link: https://www.thetimes.com/uk/transport/article/jaguar-land-rover-hack-has-cost-30000-cars-and-threatens-supply-chain-qttb3sb0n
> David Bailey, professor of business economics at Birmingham University, said the JLR statement did not commit to reopening production on October 1 and even if it did "it's not going to be back to normal, but phased production start with some lines opening before others, as we saw after the Covid closure back in 2020." He said: "It's 24 days [shutdown] as of September 24. So that is roughly 1,000 cars a day, 24,000 cars not produced. So by then, that's about 1.7 billion pounds in lost revenue. By October 1, it will be a hit to revenue of something like 2.2 billion pounds. It's pretty massive. JLR can get through, but they're going to be burning through cash this month."
>
> Bailey also raised concerns that smaller companies further down the supply chain lacked the cash reserves to withstand the shutdown. The company directly employs more than 30,000 people, and it is estimated that approximately 200,000 workers in the supply chain depend on work from JLR. "The union has said that in some cases, staff have been told to go and apply for universal credit. There are firms I know that have applied for bank loans to keep going. But even then, you know they're approaching the limit of what they do. There's an added knock-on effect that some of the suppliers also supply other car assemblers, Toyota or Mini. So some of those are concerned that bits of the supply chain may go under and affect them as well, because the industry is so connected. One way or another, the government's going to take a hit. Either through some sort of emergency support, whether that's furlough or emergency short-term loans or through unemployment benefit, if this carries on."
>
> There has been uncertainty over the extent of the cyberattack and exactly how the company has been affected, as well as who is responsible for it. According to one source, some JLR staff were still unable last week to access the Slack messaging system through the company's "one sign on" system. The JLR statement added: "We have made this decision to give clarity for the coming week as we build the timeline for the phased restart of our operations and continue our investigation."
[1] https://it.slashdot.org/story/25/09/08/2044243/jaguar-land-rover-extends-shutdown-after-cyber-attack
[2] https://www.thetimes.com/uk/transport/article/jaguar-land-rover-hack-has-cost-30000-cars-and-threatens-supply-chain-qttb3sb0n
They should look at the bright side ... (Score:3)
... and be glad it's not nearly as much economic damage as that recent absolutely epic hydrogen bomb of a Jaguar rebrand did. ROTFL!
Re: (Score:3)
Brexit and the fact that LR vehicles are very easy to steal due to a botched keyless entry system probably did more harm. COVID too of course.
Re: (Score:3)
I just don't understand the rush to keyless ignition systems. Whats the advantage? So you get to keep the key in your pocket instead of the ignition barrel. Hardly the last word in reducing driving effort and just makes the cars easier to steal as you said. Seems to me manufacturers are just sheep jumping on fads - see also touchscreen infortainment systems.
Re: (Score:2)
Well the keyless entry can be useful. For example my car lets you open the boot by kicking under the bumper, if you have the key on you. Useful when your hands are full.
Anything less than 100% security negates that occasional benefit though.
Re: (Score:1)
Rusticles can't imagine that there are any vulnerability problems other than memory safety.
Rust will NOT save you from SQL injections or bad passwords.
Dubious Response (Score:1)
Why are you lecturing me on things I didn't say? If anything you agree with me. But plug my statement into ChatGPT if you need clarity. It implies that without Rust the self-driving simulation can be more thorough. But please, babble on about things I didn't mistake.
Get that IT security right or die... (Score:3)
We are not quite there yet, but close. And with AI mostly benefitting attackers, we may be there even as early as next year. It is high time that executives that screw up this massively are personally held accountable. With sane, competent leadership, you may be partially down for no more than a few days after such an attack. If the attackers get in at all. A month downtime just says they did not prepare at all and what they has in security was a complete joke.
Re: (Score:2)
Apropos of leadership accountability...
You know it's bad when those raging communists at Forbes [1]think that your board structure is just shockingly incestuous [forbes.com].
[1] https://www.forbes.com/sites/noahbarsky/2025/09/22/hackers-prey-on-tatas-cozy-boards-to-stall-jaguar-land-rover/
What cost more? (Score:5, Interesting)
I wonder what cost more:
- The decision to hand their IT security to an Indian company. Yes, I know Jaguar is also owned by the same Indian holding company - doesn't matter.
- The decision to completely cease production until they could start producing EVs, resulting in months with no new cars being made.
- The idiotic advertising campaign that had zilch to do with cars, and that their customer base found offensive
Actually, looking at that list, I wonder why the entire management teams hasn't been fired.
Re: (Score:2, Funny)
> Actually, looking at that list, I wonder why the entire management teams hasn't been fired.
Because the HR workstations are still locked up from the last ransomware attack and they never reported it to the help desk.
Re: (Score:2)
This time might be different but I doubt anything was learned by the suits.
Re: (Score:2)
I want to defend the IT crew. Defending against ransomeware is not easy and recovery is a huge undertaking. It can really happen to anyone.
But, LandRover Jaguar do seem to be making some epically shit decisions on an industrial scale. The vehicles are garbage and look like shit. The advertising is unbelievably laughable. Management decisions are highly questionable...
If they survive at all, it will be a miracle. IT will take the blame. Of this I am sure. But, I am personally loath to blame IT without so muc
Re: (Score:2)
> Actually, looking at that list, I wonder why the entire management teams hasn't been fired.
Because success never questions itself.
Time to take IT seriously (Score:2)
Companies like this will never learn, they bring in highly paid IT managers with their MBAs, whose job it is to micro optimise at the expense of the macro function. They listen to the BS being spouted by the sales drones from companies selling IT services, drop all their skilled IT staff and outsource to the cheapest providers. They need to stop treating IT as an expense like their energy bills and start treating IT as a strategic advantage to the company. Having a skilled IT workforce has a cost, but it r
They've asked for it (Score:2)
They probably annoyed a blackhat hacker who's into JLR cars with their new branding rework so now they're getting what they deserve.
Have a back-up system in place.... (Score:3)
Production areas should be totally offline to prevent this. I worked at Merial Athens, Ga and our filling line was for years, completely off-line. Then Management decided that managers / supervisors should be able to watch the production with real time stats and cameras on site and off site. Told them they just made the area hackable !
Re: (Score:2)
One can have monitoring systems connected to the Internet without connecting OT or production lines to the Internet -- although that may mean that your adversaries hack your CCTV and watch your people going to work.
And then some moron on the networking team decides it will save a few bucks to run everything as VLANs on a single switch, so that when (not if) that switch gets compromised, everything becomes accessible to attackers. Not that I'm bitter or anything.
Re: (Score:2)
VLAN? In the age of microsegmentation? You make one huge LAN and rely on the OS firewalls and some endpoint security. Then you shout zero trust really loud and it scares the hackers away. They didn't shout loud enough it seems.
We Here At Slashdot Would Love To Say... (Score:2)
We here at Slashdot would love to say, We told you so but, our systems are not invulnerable and any hubris would be temping fate.
Re: (Score:2)
When there are billions of dollars on the line, that is going to draw some very, very well-resourced attacks. I don't know if that's what happened here, or if Jaguar's defenses and mitigation plans were just THAT bad. But making a public example this disastrous, of a company that well-known, is like a huge shot in the arm to the extortion industry.
should be some High level execs (Score:2)
fired and sued - but there won't!
Re: (Score:2)
That's correct. I've seen so many posts here that blame IT, accounting, procurement, whatever. I've worked in large companies most of my life... and very few employees in any function want to do the wrong thing, or would want to prioritize profit over "correct" behavior. That's all the way from entry-level to middle manager (I include director level as middle manager), and including some VPs. People just don't care that much about corporate profit, when the counterbalance to corporate profit is doing a bad
Nothing that another diverse and colorful ad campa (Score:2)
Jaguar is already gone, they just haven't realized it yet. Cars were shit and sales were falling off a cliff, then UK decided that Brexit was a great idea which made everything 10x worse. So in order to save themselves they decided to appeal to a group of people who don't buy cars, are permanently broke and instead of working fight imaginary societal problems...
Re: (Score:2)
Actually their last ICE vehicles were pretty good, but had bad marketing and were priced up market rather than the mid market they should have been.
But yes, their recent advertising campaign was just absurd performative virtue signalling which has made them a laughing stock.
Why attack Jaguar? (Score:2)
They were going down on their own.
Re: (Score:3)
You still have to pay the workers (no, you can't send them on unpaid leave), pay electricity, there is the hidden cost of amortizations that continue without revenue.
To say that stopping production also stops spending shows a complete lack of understanding of even the basics of manufacturing.
Re: (Score:2)
Then labor and real estate have cost them, not the lack of making cars.
Re: (Score:2)
That's not what you said, you say "hasn't cost them anything". That's wrong. Not making cars still costs them money.
You are also misrepresenting the article. It says "costing 30.000 vehicles". That is a normal phrase for something you can't make even when it does not directly mean monetary value.
You are nitpicking something that needs not be nitpicked.
Re: (Score:1)
Perhaps if these business leaders were aware that the fact that money flowed in the past does not mean it will flow in the future, then business plans would be more resilient to small interruptions like this.
Re: Costs (Score:2)
So their part suppliers who probably have a very small profit margin should charge more? Then they would likely lose the contract bid.
Being down for days is a very big struggle, bring down a whole month can wreck the supply chain.
Re: (Score:1)
Why are they going into business at all if the profit margin is so small?
Re: (Score:2)
Now your complaint is that capitalists are too efficient ?
Low profit margins indicate the ability to run a business efficiently and without monopoly power to gouge customers.
Re: (Score:1)
Operating on interest is not efficient.
Re: (Score:2)
This has nothing to do with interest, you economic ignoramus.
Re: (Score:2)
So, you know clearly nothing of value here but insist on spouting nonsense at every opportunity. You are either Donald Trump or a troll. Well, both are trolls, so now we know.
Re: Costs (Score:4, Interesting)
I have a couple decades of experience in mass production supply chain. For something complex like an automobile, you could have 4 or 5 "tiers" of suppliers. Tier 1 suppliers are those who deliver directly to the production line, usually in sub assemblies. Tier 2s deliver to the Tier 1, and so on.
The lower in tier, often the more competitive the market can be because you're only supplying pretty basic components with no assembly. Increasing cost to increase profit margin could be the difference in winning a big contract or not. The companies bid on contracts that last maybe 3-5 years and are out in the future a couple of years. They operate on a very slim profit margin but are still making money.
You take that concept and add a bit more complexity for each tier it moves up until you get to the tier 1 where labor happens to be a big part of overall cost due to the sub assemblies they are putting together. If you're not producing anything, you're not selling anything. These companies are not sitting on a huge cash reserve.
Every slight change to the cost structure simply makes the end product more expensive, then you likely sell less vehicles.
Re: (Score:2)
Things someone who has never worked at a startup says.
Re: (Score:2)
This is what TBTF is all about. Big might be efficent but it is also brittle.
In a more ideal market place, supplies would have more clients, and each client would be a small enough part of their overall book of business, having one stop orders for a while would not put them out of business.
We used to have hundreds of small automakers, just in the US, now we probably don't have triple digits the world over.
Re: (Score:2)
But the phrasing should be about losing money, not "losing" cars.
Re: (Score:1)
The fact is that they have made so many billions from cars in the past, they aren't even losing money. They aren't going bankrupt doing it so obviously the money made in the past exceeds what they are paying for costs now. So they aren't losing money, they just aren't making any at present. It just seems like entitlement, like they have made money on the past so they feel they have a right to keep on going.
Re:Costs (Score:4, Interesting)
Do you honestly think they have those many billions in the bank? The rest of your post also show you have 0 idea of how a business works. And where does entitlement even come into play?
Re: (Score:1)
Apple has billions in the bank. More than the economies of Canada and Europe combined. Why wouldn't every company? That's my point. It's either entitled to think the gravy train will keep on coming or it's short sighted.
Re: (Score:2)
finallt an honest right winger who practiced what he preached and watered the tree of the 2nd ammendment himself instead of expecting some one elses child to do it/ Why the guys almost a saint!
Re: (Score:2)
Most companies are not like Apple. Companies who make components for cars deal primarily in physical goods being sold to businesses, and do not make huge profits by appropriating 30% (or whatever it is now) of every transaction in a digital market, or sell their own physical goods at high markup because they have public cachet. Apple has billions in the bank because they don't know what to spend all their profit on, and don't want to distribute it to shareholders or employees; manufacturing companies can
Re: (Score:2)
> Do you honestly think they have those many billions in the bank?
Jaguar says they have " [1]a global cash balance of £4.2 billion [jlr.com] reflecting total cash and cash equivalents, deposits and investments" and [2]corporations worldwide are hoarding cash [hec.edu].
It's unclear why you economics "experts" on Slashdot are ignoring the well known fact that corporations are actually sitting on trillions of dollars (or whatever currency units, ofc) at the moment, more than they have ever held previously, but ignorance isn't a good look.
[1] https://www.jlr.com/annual-report-2024
[2] https://www.hec.edu/en/executive-education/news/corporate-cash-boom-what-every-ceo-needs-know
Re: (Score:2)
He didn't say stopping production stops spending.
He said not being able to produce doesn't cost the product. That phrasing may be applicable if we're talking about food in a famine. Then the lack of production becomes a cost to society. That is not what is happening here.
If you're gonna 'ackchually' people, especially with an ad hominem, you ought to take better care that you understood what was said.
Re: (Score:1)
Yet every time I bring this up, people are all "but you have retirement funds". So yeah it is a cost to society by that definition.
Re: (Score:2)
actually that's exactly what they have done!
Re: (Score:1)
They have running costs, shipments of materials, orders that get cancelled, contractual penalties, etc. Business people get many things wrong, but this is not one of them.
Re: (Score:2)
I have running costs too, that's why I have some savings.
Re: (Score:2)
You are not an enterprise. You have personal flexibility an enterprise cannot even dream of.
Re: (Score:2)
How to say you don't know how business works without saying I don't know how business works. It is likely that you also believe that businesses should not make a profit.
You're Embarrassing Yourself (Score:2)
Business tycoon you ain't.
At least read the summary. Not building vehicles has a very real 2 billion GBP and counting cost.