Inside the Cyber Attacks Wreaking Havoc on UK Supermarkets

The supply chain supporting major UK supermarkets, including notable names like Tesco, Sainsbury's and Aldi, was recently compromised by a ransomware attack, underscoring critical cybersecurity challenges inherent within logistics frameworks.

Peter Green Chilled, a distributor based in Somerset known for transporting chilled food to regional stores, confirmed the occurrence of a cyber attack on its systems on the evening of 14 May 2025.

In an email viewed by the BBC, the company informed stakeholders that cybercriminals were holding the systems ransom, disrupting order processing capabilities.

"The transport activities of the business have continued unaffected throughout this incident," says Tom Binks, Managing Director at Peter Green Chilled. Further insights into the nature of the attack were not provided.

This is just the latest in a series of cyberattacks on British supermarkets and suppliers recently. 

In the past month, both Marks & Spencer and the Co-op have experienced debilitating issues as a result of hacks and cyberattacks, with supplies compromised and customer data lost.

Supply chains are the Achilles' heel of the supermarket sector

Ransomware attacks typically involve the encryption of critical data by hackers, blocking access to essential computer systems, consequently demanding a ransom to restore system control.

While major retailers like Marks & Spencer have faced similar issues, this event highlights the acute vulnerabilities smaller logistics providers encounter within the integral supply chain sector.

According to Dray Agha, Senior Manager of Security Operations at Huntress, smaller providers often become easy targets.

"Cyber criminals are deliberately targeting parts of the supply chain that create maximum chaos," he says.

"When chilled food distributors go offline, products spoil and shelves go empty fast.

"Cyber criminals know the ticking deadline they've created and are most likely to get paid because they have seized and held hostage critical business functions."

This latest episode signals a critical warning to the interconnected network of supply chains, with attackers seeking to exploit weaknesses across linked systems.

As businesses bolster their cybersecurity, hackers are likely to focus more on exploiting vulnerabilities in supply networks, which are increasingly vital to continuous operations.

"As retailers ramp up their own cyber defences, hackers will be looking to capitalise on the chaos to conduct further attacks," says Sian John, CTO at the global cybersecurity company NCC Group.

"One weak spot that so often gets overlooked is the supply chain."

The emphasis remains on the ability of isolated vulnerabilities within a supply chain to trigger widespread operational shutdowns, highlighting the importance of comprehensive cybersecurity approaches.

A need for collaborative cybersecurity strategies

Forecasts about future cyber threats reveal a likely increase in sophisticated stealth attacks aimed at suppliers by 2025.

"In 2025, we will likely observe a surge of stealth cyber attacks against business-critical suppliers and vendors of large companies and organisations," explains Ilia Kolochenko, CEO at ImmuniWeb

Ilia describes these suppliers as "low-hanging fruit" for cybercriminals. "They frequently do not have sufficient cybersecurity budgets or simply neglect data protection, naively believing that nobody wants to hack them," she says.

Experts like Sian are calling for robust public-private collaborations to tackle these increasing threats.

Sian advocates for the implementation of widespread security frameworks that include rigorous supplier scrutiny, frequent audits and enhanced workforce education.

"Cybersecurity is a shared responsibility," she says.

"Government bodies, regulators and industry groups must work together to share intelligence, offer guidance and promote best practices that protect the integrity of our national infrastructure."

Explore the latest edition of Technology Magazine and be part of the conversation at our global conference series, Tech & AI LIVE.

Discover all our upcoming events and secure your tickets today.

Technology Magazine is a BizClik brand