Redazione RHC : 16 September 2025 07:08
The cyber attack on Jaguar Land Rover, which paralyzed the company’s operations, has become one of the most serious crises for the British car manufacturer. The company was forced to disable IT systems and halt production at its Solihull, Halewood, and Wolverhampton plants. The assembly lines have been idle for almost two weeks and will not resume operation until midweek. The losses are estimated at tens of millions of pounds, and the consequences have affected not only the company but also its extensive supplier network.
According to experts, the daily damage to JLR is between $6.8 million and $13.6 million, and total losses have already exceeded $50 million. At the same time, the company has a margin of safety: annual pre-tax profit has reached $3.4 billion, allowing it to withstand the crisis if it does not drag on for months. But a far more painful blow has been inflicted on suppliers, including many small and medium-sized businesses.
Their dependence on contracts with JLR is so strong that the disruption to the conveyor belts threatens them with bankruptcy. Former Aston Martin boss Andy Palmer is confident that some of these companies will not be able to survive the pause and will begin massively laying off staff.
Some companies have already laid off employees on the condition that they “work off” the accumulated hours, while others have opted for layoffs. One small supplier reported losing almost half its staff. At the same time, large companies are trying to retain skilled workers, but if the idle period continues, they may have no choice. In total, there is talk of 250,000 jobs in related sectors, and the chain reaction threatens to overwhelm the entire sector.
The UK government is facing pressure from unions and MPs to urgently introduce a wage subsidy program. They are calling for a mechanism similar to the Temporary Job Support Scheme to cover workers’ incomes during the idle period and prevent the loss of skills. Unite leader Sharon Graham said that thousands of supply chain workers were immediately put at risk by the incident and that any delays will result in long-term losses.
JLR admits that restoring its IT systems has proven much more difficult than expected. Production processes and supply chains are fully automated, so, after the networks were disconnected, conveyor belt blockages were inevitable. The disruptions also affected sales, but temporary solutions were implemented for dealers. The company confirmed that some data may have been compromised. The carmaker is working with the National Cyber Security Centre (NCSC) to investigate and mitigate the impact.
The government says it is in daily contact with JLR management and cybersecurity experts. Business and Trade Minister Chris Bryant emphasized that he understands the full impact of the attack and is discussing options with the company to address the crisis. However, for hundreds of suppliers and their employees, timing remains crucial: the longer production remains disrupted, the greater the risk that a temporary shock will turn into long-term damage for the entire industry.
Bryant also listed the tools currently being used by the government to push the market towards the “Secure by Design” principle. Requirements for the protection of connected devices and codes of conduct for software and AI system developers have already been introduced. For managers, there is a cyber governance code and training courses for board members; for companies of all sizes, there is the Cyber Essentials certification, which, according to the government, reduces the likelihood of an insurance claim after an attack by 92%, and free NCSC services. At the same time, the government has again warned against paying extortionists: this fuels the criminal model and does not guarantee recovery.
The minister recalled that last year 40% of the country’s companies admitted to having suffered cyber attacks and that the attackers’ arsenal is expanding, from social engineering in call centers to artificial intelligence-generated voices. The government’s policy is constant monitoring, with a priority on prosecuting and incarcerating criminals, as well as eliminating weaknesses in the companies’ outdated IT infrastructure. The short-term agenda is to inform JLR employees and suppliers about the recovery program and ease tensions related to payments and employment. In the medium term, it is to improve basic cyber hygiene for everyone, from corporations to NGOs and small businesses.
Redazione