
Investigation Reveals Russian Hackers Behind Massive Cyberattack That Cost UK $2.5 Billion

A person dressed as an internet hacker is seen with binary code displayed on a laptop screen, illustrative image. (Source: Getty Images)

A new investigation has revealed that a group of Russian hackers was responsible for a significant cyberattack on British automaker Jaguar Land Rover last year, The New York Times (NYT) reported on June 26.

The attack, which occurred in late August 2025, forced the leading British automaker to lock down its computer networks and completely stop production for five weeks. The shutdown delivered a massive $2.5 billion blow to the wider British economy, making it the most expensive cyberattack in the history of the United Kingdom. It also cost the company around $350 million during the 2026 fiscal year.

While a loose group of cybercriminals originally took credit for the hack on a Telegram social media channel, investigators from the UK and the US quickly realized the attack used highly advanced methods. The NYT notes that, instead of demanding a ransom, which is typical for criminal hackers, the attackers used a unique and highly complex type of ransomware to lock the company out of its servers.

Microsoft later tracked down the hackers and alerted Jaguar Land Rover that a Russian group was inside their systems. British authorities are now trying to find out if the hackers operated directly under orders from the Kremlin or if they simply had the Russian government’s tacit approval.

The NYT reports that the details of the attack show how deeply the hackers had infiltrated the automaker’s network. Months before the strike, a hacker sold access to the company’s breached systems online. Even though Jaguar Land Rover noticed the vulnerability and tried to fix its servers, the Russian hackers were already quietly waiting inside the network.

They launched the attack on August 31, 2025, right when the company was preparing to ship new cars to global dealers. To stop the hackers from taking total control of the global network, the company had to shut down its entire system, halting factories not just in England, but also in Brazil, China, India, and Slovakia.

The attack has raised serious fears that Russia is intentionally targeting the economic foundations of Western nations, especially as relations between London and Moscow remain hostile due to Britain’s military aid to Ukraine, the NYT reported.

Kremlin spokesman Dmitry Peskov denied any knowledge of the incident, stating that Russia knows nothing about it. However, Western security agencies emphasize that Russia remains the world’s largest source of cybercrime, where the state frequently protects criminals. British Defense Secretary Dan Jarvis later warned that hostile countries have realized the most effective way to attack is not through direct military confrontation, but by quietly hollowing out the economy from the inside.

To help the automaker recover, the British government has since backed a $2 billion loan to support Jaguar Land Rover’s suppliers.

This hacking operation is part of a larger pattern of Russian state-sponsored cyberattacks targeting the UK. The UK’s National Cyber Security Centre had previously warned that a Russian military intelligence hacking group known as Fancy Bear (also known as APT28) was exploiting common internet routers to steal passwords and sensitive data.

British officials have previously accused this same group of running a widespread cyber campaign across NATO countries to disrupt defense, logistics, and technology systems providing crucial aid to Ukraine.

APT28 is a highly sophisticated, state-sponsored cyber-espionage group widely attributed to the Russian General Staff Main Intelligence Directorate (GRU).
