Jaguar Land Rover is extending the shutdown of its production plants another week in a move that experts say could cost the business in the multiple billions.

The luxury carmaker confirmed today that it will not be building cars again until at least October 1, at which time major production sites at Solihull and Halewood will have been idle for a month.

JLR said in an announcement: “We have made this decision to give clarity for the coming week as we build the timeline for the phased restart of our operations and continue our investigation.

“Our teams continue to work around the clock alongside cybersecurity specialists, the NCSC, and law enforcement to ensure we restart in a safe and secure manner.

“Our focus remains on supporting our customers, suppliers, colleagues, and our retailers, who remain open. We fully recognise this is a difficult time for all connected with JLR and we thank everyone for their continued support and patience.”

David Bailey, professor of business economics at the University of Birmingham, told BBC West Midlands Radio that by the earliest suspected restart date, JLR could be losing out on around £2.2 billion ($2.9 billion) in revenue and £150 million ($202 million) in profits.

“It’s one of the worst crises the company has ever faced,” he said. “We’ve seen it get through the global financial crisis, through Covid, through the semiconductor crisis, but we’ve not had anything like this before, where the company has not made any cars for a month. 

“There’s almost the assumption in much of the national media that we don’t make anything anymore. We do, and workers on Merseyside and the West Midlands make fantastic cars which are sold all over the world. Formally, manufacturing might only account for 10 percent of our economy, but in reality, the impact of all of that in terms of services that are linked to it in terms of financial services, accountants, lawyers, marketing, but also right down to bacon butties, the impact of that is much, much bigger.”

Reports also emerged today that JLR may not have adequate cyber insurance to cover the costs associated with the attack and production shutdown.

Insiders told The Insurer that the company had allegedly failed to finalize an insurance policy before the attack took place. If confirmed, it’s a factor that could exacerbate the company’s financial outlay.

The UK’s business secretary, Peter Kyle, is due to meet representatives from JLR and various companies in its supply chain today to gain a greater understanding of the peril that hundreds of thousands of workers are facing.

Calls for a Covid-esque support package for JLR and its supply chain came last week, with Sharon Graham, general secretary at automotive workers’ union Unite, saying: “The government needs to defend jobs when our industries are under attack.”

Bailey told the BBC this morning:

“I don’t think listening is enough anymore. The Department of Business and Trade said it has been monitoring the situation – great – but I really think we’re at the point where they need to be putting in place some sort of emergency support because JLR is now saying [they’re going to restart on] October 1… there’s no guarantee that they’re going to restart on October 1. Businesses are running out of money.”

She added: “The problem is, if companies go under, that’s going to be workers who won’t be employed, won’t be paying their taxes – one way or another, there’s going to be a financial hit for the government. Either they put up the up-front support to keep companies going so the supply chain can be reactivated and JLR can get going again, or they’re going to pick up redundancy benefits and unemployment benefits.”

With redundancies already being made at JLR suppliers, the type of which are expected to continue the longer the disruption goes on, experts said a failure to support JLR’s supply chain could be ruinous for the company, even when production can begin again.

Des Quinn, Unite’s national automotive officer, said that supply chain workers are the union’s biggest concern, since that’s where most of the layoffs thus far have taken place.

Agency workers may go back and get another assignment, they may not, but even if they do, it is unlikely to be on the same wage. 

Some are on reduced earnings due to their layoff agreements, some are on half pay or less, and some are facing the limit of what their employers are prepared to pay them this week. 

Unite continues to encourage the government to establish support for these people, because JLR’s restart hinges on supply chain staff having jobs.

The main areas of focus for the attack are JLR’s two main production plants – one in Solihull, near Birmingham, which employs around 9,000 workers across the circa 300-acre facility, which has its own bus service to transport workers to other areas of the site. 

The other is in Halewood, in south Liverpool, which employs roughly 3,000 workers and has been in operation since 1963.

However, there is estimated to be at least 100,000 additional workers – possibly more – across JLR’s deep supply chain, who are likely to be affected in some way. The disruption also extends to local communities and small businesses, such as cafes and pubs, that serve the workers during the course of their normal workday.

Human impact

The owner of Solihull’s Silly Sausage cafe told the BBC that they usually receive bulk orders on a Friday from JLR, and it accounts for 10 percent of the cafe’s business, although the orders have stopped as a result of the cyberattack.

This then has a knock-on effect on other small businesses, such as bakeries that supply the bread and butcher shops that supply the cafe’s meat.

Pup and Duckling pub dwellers, Tess and Paul, whose son works for JLR, are concerned about the workers’ welfare while production is halted.

“He’s just on flat rate, he’s just moved into his new place, and I think he’s going to feel the pinch,” said Tess. “It’s just awful for them.”

Paul added: “They tend to rely on overtime – Saturdays and Sundays – and the shift allowance… so, they’re getting flat rate at the moment, but they’ll have to pay back any overtime that they’ve had over a period of months and years, even, but I think [JLR is] doing a great job, they can’t do anything better for their employees.

“[Our son] believes that they’re going to go back mid-October, November. Hopefully it’s not November because he’s going to have problems.”

Carol, from Old Swan in Liverpool, told the broadcaster that her husband has worked at the Halewood plant for more than 10 years, and is one of the lucky few still working as his role is in maintenance, but he’s always waiting for the call instructing him to stay home. 

One of the main reasons for this is that JLR can’t order any parts, as the computers that are used to do so remain inaccessible.

“It’s very uncertain what’s going to happen; it’s a terrible time, to be honest,” she said. “If my husband does get made redundant, how long will JLR pay the people? 

“We keep on getting told dates – the last date was the 24th, but now they’re talking about January. Now, we’re terrified of spending money; we’re just worried about bills and Christmas.”

The attackers

While formal attribution is yet to be made, it is widely believed that the attack is the work of the group known as Scattered Lapsus$ Hunters – a collaborative effort by certain members of the three individual congregations of teenage cybercriminals Scattred Spider, Lapsus$, and Shiny Hunters.

Steve Rotheram, mayor of the Liverpool city region, described those behind the attack as “absolute monsters,” who “don’t realize the impact they’re having not just on the company, but on the workforce.”

He added: “Anything that endangers things like production at Halewood, Speke, in that area, is something of major concern to us. So, we are looking at doing everything we can, and the government have offered their full support to JLR.”

It seems Rotheram is not a regular reader of The Reg, because he would know that in most cases the criminals behind these attacks are fully aware of the potential – sometimes deadly – impacts of their attacks.

He also made the same mistake as chancellor of the exchequer Rachel Reeves in falsely attributing the attacks on major UK organizations to those with government backing. ®