Retail cyberattacks: AI making threats 'more advanced and personalised'
Speaking on an episode of GlobalData's Instant Insights podcast, Charlotte Wilson, head of enterprise sales at cybersecurity company Check Point Software, said that while the form that cyberattacks take has not changed a great deal, AI is being used to make them more effective.
This embedded content is not available in your region.
'I think they're getting far more advanced and highly personalised because of AI,' said Wilson. 'If you take this retail attack, any of the retailers right now, the primary attack is to get the money from the retailer to free up access back to their information, and that's the ransomware itself for the company, the retailer, to pay or not pay or negotiate.
'The secondary attack is all that information that has been gathered can then be sold to other people that then might do a secondary activity with it. And that's where some of the sophistication comes in. That's where social engineering comes in.'
Social engineering is the practice of deceiving and manipulating individuals into performing specific actions. It is a well-known tactic of email scammers who purport to be people or companies that they are not to trick victims into giving them personal information.
Of the role of retail cyberattacks in facilitating this, Wilson explained: 'There's the first attack, which is to the retailer. The secondary attack is to you and me, the mums and dads, brothers and sisters, the consumer – and AI is making them something you're more likely to click on because they're much more personalised.
'It could be so much as, 'I see that you bought this in the last time that you visited our store. We hope that was great for you. Here's some personalised offers for you based on what you like to shop for,' and if I've got access to you as a loyalty scheme customer, I probably know quite a bit about you.'
Wilson was speaking on the episode following the recent spate of cyberattack targeting UK retailers including Marks and Spencer, Co-op and Harrods. They are thought to have been perpetrated by a group known as Scattered Spider using a ransomware-as-a-service platform called DragonForce, of which Wilson says: 'There will be operators that design the ransomware attacks and the malware, and then there are affiliates that will go and use those and exploit it and hold people to ransom. They sometimes have a profit-share model, so it's a profitable way of doing cybercrime.'
Despite widespread coverage of the recent attacks, Check Point, which carries out its own cybersecurity research, finds retail to be only the fifth most hacked industry at present.
'It's way, way behind education, government and healthcare,' said Wilson. 'So, it's actually not the biggest attacked. We think they're dealing with about 300 attacks per week. It starts to get into the 1000s when you start to get into the other industries.
'However, obviously once you're in you can hold to ransom at a higher rate because it's so much more public, and you can see just the press at the moment is reporting the retail hacks pretty much every other day.'
Wilson went on to explain that retailers are at a particular disadvantage as they typically have a much larger potential attack surface than businesses in other industries.
'Retailers have an incredibly hard job because they're dealing with so many different suppliers of varying degrees,' said Wilson. 'The networks are dynamic. They have lots of things attached to them, so I think they have a really complex job, and, from a hacker's perspective, the path of least resistance is the one they'll choose.
'If you've got lots of things that you have to maintain, you have to make sure are patched, secured and controlled across many different interfaces, it's much easier for you to have something that isn't as up to date as it should be, or isn't as protected as it could be, they're much more susceptible to mistakes.'
Wilson gave two main recommendations for retailers to help keep their cybersecurity tight.
'One clear thing they can do is monitor the third-party access to their networks,' she said. 'One challenge that retailers have that is unique is that some of the suppliers to them might be quite small, and so may not hold the same level of security in their organisation as maybe the retailer is.'
In addition, she noted that collaboration between security and IT teams when patching vulnerabilities is required is not always adequate. Wilson is of the opinion that the handling of common vulnerability exploits (CVEs) – vulnerabilities that are identified and need to be patched – often fails as a result of miscommunication or misunderstanding between the two teams within a business.
'I just think the CVE part never really gets taken all that seriously,' she explained. 'That bit, for me, is a big thing. If it's being handled by your IT team as opposed to your security team, I think it's important that the security team stress the need for those certain CVEs that are critical to get patched and sorted, or to put those people outside of a blast zone.'
"Retail cyberattacks: AI making threats 'more advanced and personalised'" was originally created and published by Just Food, a GlobalData owned brand.
The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
a day ago
- Yahoo
Is It Time To Consider Buying Marks and Spencer Group plc (LON:MKS)?
Marks and Spencer Group plc (LON:MKS), might not be a large cap stock, but it received a lot of attention from a substantial price movement on the LSE over the last few months, increasing to UK£4.10 at one point, and dropping to the lows of UK£3.28. Some share price movements can give investors a better opportunity to enter into the stock, and potentially buy at a lower price. A question to answer is whether Marks and Spencer Group's current trading price of UK£3.55 reflective of the actual value of the mid-cap? Or is it currently undervalued, providing us with the opportunity to buy? Let's take a look at Marks and Spencer Group's outlook and value based on the most recent financial data to see if there are any catalysts for a price change. AI is about to change healthcare. These 20 stocks are working on everything from early diagnostics to drug discovery. The best part - they are all under $10bn in marketcap - there is still time to get in early. What's The Opportunity In Marks and Spencer Group? According to our price multiple model, where we compare the company's price-to-earnings ratio to the industry average, the stock currently looks expensive. We've used the price-to-earnings ratio in this instance because there's not enough visibility to forecast its cash flows. The stock's ratio of 24.2x is currently well-above the industry average of 18.91x, meaning that it is trading at a more expensive price relative to its peers. If you like the stock, you may want to keep an eye out for a potential price decline in the future. Since Marks and Spencer Group's share price is quite volatile, this could mean it can sink lower (or rise even further) in the future, giving us another chance to invest. This is based on its high beta, which is a good indicator for how much the stock moves relative to the rest of the market. See our latest analysis for Marks and Spencer Group What does the future of Marks and Spencer Group look like? Investors looking for growth in their portfolio may want to consider the prospects of a company before buying its shares. Buying a great company with a robust outlook at a cheap price is always a good investment, so let's also take a look at the company's future expectations. With profit expected to more than double over the next couple of years, the future seems bright for Marks and Spencer Group. It looks like higher cash flow is on the cards for the stock, which should feed into a higher share valuation. What This Means For You Are you a shareholder? MKS's optimistic future growth appears to have been factored into the current share price, with shares trading above industry price multiples. However, this brings up another question – is now the right time to sell? If you believe MKS should trade below its current price, selling high and buying it back up again when its price falls towards the industry PE ratio can be profitable. But before you make this decision, take a look at whether its fundamentals have changed. Are you a potential investor? If you've been keeping tabs on MKS for some time, now may not be the best time to enter into the stock. The price has surpassed its industry peers, which means it is likely that there is no more upside from mispricing. However, the optimistic prospect is encouraging for MKS, which means it's worth diving deeper into other factors in order to take advantage of the next price drop. With this in mind, we wouldn't consider investing in a stock unless we had a thorough understanding of the risks. For example, we've discovered 2 warning signs that you should run your eye over to get a better picture of Marks and Spencer Group. If you are no longer interested in Marks and Spencer Group, you can use our free platform to see our list of over 50 other stocks with a high growth potential. Have feedback on this article? Concerned about the content? Get in touch with us directly. Alternatively, email editorial-team (at) article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned. Error while retrieving data Sign in to access your portfolio Error while retrieving data Error while retrieving data Error while retrieving data Error while retrieving data
Yahoo
2 days ago
- Yahoo
M&S ad banned over ‘unhealthily thin' model
The UK's advertising regulator has banned a Marks & Spencer advert that appeared on the retailer's app and website, after ruling it 'irresponsible' for portraying a model in a way that suggested unhealthy thinness. This decision offers insight into how retail advertising standards address body image concerns in marketing campaigns. Why the ASA acted: breach of social responsibility in retail advertising According to the ASA, one specific image violated CAP Code rule 1.3 by presenting a model whose pose, outfit and camera angle emphasised slenderness. The model's prominent collarbones, the downward tilt of her head, and pointed shoes were all cited as contributing factors that made her appear unhealthily thin. M&S confirmed it had removed the image and pledged to prepare future adverts responsibly. Retailer's response and wider industry context M&S told the ASA that all its models are in good health, and that the pose and styling choices were intended to convey confidence, not to exaggerate slimness. The retailer also emphasised its inclusive sizing range, from UK size 8 to 24, and stated that other flagged images had been reviewed but not banned. This ruling follows similar ASA actions earlier in 2025, including bans on adverts by Next and Warehouse for comparable issues, signalling renewed scrutiny on body image in fashion retail adverts. Implications for retail advertising standards and future campaigns The ASA's decision underlines the growing enforcement of retail advertising standards relating to social responsibility and body image. Marketing teams across the UK's fashion industry are now under closer observation, especially regarding visual composition—including camera angles, styling and model selection. Industry experts say this is part of a broader pushback against unrealistic body ideals, which have been fuelled by social media trends and weight-loss drug culture. Retailers will need to ensure their advertisements comply with ASA guidance to avoid social irresponsibility rulings. This includes careful review of imagery for any indicators of unhealthy thinness, and may require stricter internal checks before launching campaigns. "M&S ad banned over 'unhealthily thin' model" was originally created and published by Retail Insight Network, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.
Yahoo
3 days ago
- Yahoo
Tesla's auto revenue drops in Q2 2025
Tesla has reported a 12% year-on-year (YoY) decrease in total revenue for the second quarter (Q2) of 2025, with figures falling to $22.49bn from $25.5bn in the same period last year. The company's Q2 2025 financial results reflect vehicle delivery decline and lower regulatory credit revenue, among other factors. The company sold 384,122 cars in Q2, down 13.5% from the sales total a year ago. Total automotive revenues saw a 16% YoY decrease for a second straight quarter to $16.6bn in Q2 2025. Net income attributable to common stockholders (GAAP) for the quarter also fell by 16% to $1.17bn, while non-GAAP net income saw a 23% decline to $1.39bn. The company's total gross profit dropped by 15% YoY to $3.87bn. Net cash from operating activities decreased by 30% to $2.54bn, and adjusted EBITDA was down 7% at $3.40bn for Q2 2025. Operating expenses also experienced a slight decrease of 1% to $2.95bn. Income from operations plummeted by 42% to $923m, mainly affected by lower regulatory credit revenue, increased operating expenses due to AI and research and development (R&D) projects, and vehicle delivery decline. Tesla has noted in the update letter that its lithium refining and cathode production plants are set to start production in 2025, aiming to onshore the production of critical battery materials in the US. The company is also preparing to start domestic production of its first LFP cells for energy storage products later in 2025. Tesla emphasises a 'capex-efficient' approach to growing vehicle volumes, utilising current production capacity before expanding. The anticipated launch of new vehicles in 2025, including 'a more affordable model' in the first half of the year, remains on schedule. Tesla's Cybercab, a Robotaxi product, is expected to enter volume production in 2026. The company sold 384,122 cars in Q2, down 13.5% from the sales total a year ago. In the first quarter (Q1) revenues 2025, which ended on 31 March, Tesla reported a 20% decline. "Tesla's auto revenue drops in Q2 2025" was originally created and published by Just Auto, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
