Latest news with #cyberattack
Daily Mail
9 hours ago
- Business
- Daily Mail
M&S shoppers fury as many of their favourite products including Colin the Caterpillar are STILL unavailable on the website after cyber attack
Shoppers have been furious after they are still unable to buy items like sports bras, jeans and even Colin the Caterpillar. Some items such as Clinique foundation and Wrangler jeans as well some Reebok sports bras and Colin the Caterpillar birthday cake are among the thousands of products yet to be available more than two months after a cyberattack crippled the major retailer's website. Although the retailer has recently brought back a limited selection of third-party brands like Adidas, Columbia, and Lilybod, many ranges are still missing or offering only limited stock. Delivery times for customers in England, Scotland, and Wales have now been cut from ten days to five, but click-and-collect and next-day delivery remain unavailable. Meanwhile, shoppers in Northern Ireland still can't get home delivery at all, according to The Times. The sluggish recovery has left customers questioning the delay. The website was down for 51 days, and although it is now back online, service remains far from normal. Before the cyberattack, the average recovery time following a cyberattack was just 22 days, according to research published last year, making this incident one of the most prolonged online outages in recent retail memory. M&S have said that its full range of products as well as normal delivery times will be returning 'over the coming weeks' did not elaborate on how many of those are back online. A source told the newspaper that it is more than a half. An expert has said 'an abundance of caution' may be behind the delay, with the retail likely to be rebuilding its systems from scratch rather than trying to save its existing software. Professor Alan Woodward of the University of Surrey said: 'They probably did this because the criminals are very good at building malware that can persist and hide in little nooks and crannies on your network.' He suggests that the tech team working with the retail giant is probably going 'the extra mile' as the brand's reputation is on the line. When approached, a source told the newspaper: 'The last thing we want to do is let customers down, promising to fulfil an order in a specific timescale and then not do it.' The retailer continues to insist that its recovery is ahead of schedule, although Prof Woodward said he is surprised at the delay. Since relaunching the site, the retailer's main focus appears to be restocking summer clothing, likely in a bid to clear a backlog of unsold seasonal stock before the sunshine disappears.
The Verge
21 hours ago
- The Verge
How vulnerable is critical infrastructure to cyberattack in the US?
Our water, health, and energy systems are increasingly vulnerable to cyberattack. Now, when tensions escalate — like when the US bombed nuclear facilities in Iran this month — the safety of these systems becomes of paramount concern. If conflict erupts, we can expect it to be a 'hybrid' battle, Joshua Corman, executive in residence for public safety & resilience at the Institute for Security and Technology (IST), tells The Verge. 'With great connectivity comes great responsibility.' Battlefields now extend into the digital world, which in turn makes critical infrastructure in the real world a target. I first reached out to IST for their expertise on this issue back in 2021, when a ransomware attack forced the Colonial Pipeline — a major artery transporting nearly half of the east coast's fuel supply — offline for nearly a week. Since then, The Verge has also covered an uptick in cyberattacks against community water systems in the US, and America's attempts to thwart assaults supported by other governments. It's not time to panic, Corman reassures me. But it is important to reevaluate how we safeguard hospitals, water supplies, and other lifelines from cyberattack. There happen to be analog solutions that rely more on physical engineering than putting up cyber firewalls. This interview has been edited for length and clarity. As someone who works on cybersecurity for water and wastewater, healthcare, food supply chains, and power systems — what keeps you up at night? Oh, boy. When you look across what we designate as lifeline critical functions, the basic human needs — water, shelter, safety — those are among some of our most exposed and underprepared. With great connectivity comes great responsibility. And while we're struggling to protect credit card cards or websites or data, we continue to add software and connectivity to lifeline infrastructure like water and power and hospitals. We were always prey. We were just kind of surviving at the appetite of our predators, and they're getting more aggressive. How vulnerable are these systems in the US? You might have seen the uptick in ransomware starting in 2016. Hospitals very quickly became the number one preferred target of ransomware because they're what I call 'target rich, but cyber poor.' The unavailability of their service is pretty dire, so the unavailability can be monetized very easily. You have this kind of asymmetry and unmitigated feeding-frenzy, where it's attractive and easy to attack these lifeline functions. But it's incredibly difficult to get staff, resources, training, budget, to defend these lifeline functions. If you're a small, rural water facility, you don't have any cybersecurity budget. We often usher platitudes of 'just do best practices, just do the NIST framework.' But they can't even stop using end of life, unsupported technology with hard-coded passwords. 'You have this kind of asymmetry and unmitigated feeding-frenzy' It's about 85 percent of the owners and operators of these lifeline critical infrastructure entities that are target rich and cyber poor. Take water systems, for example. Volt Typhoon has been found successfully compromising US water facilities and other lifeline service functions, and it's sitting there in wait, prepositioning. [Editor's note: Volt Typhoon is a People's Republic of China state-sponsored cyber group] China specifically has intentions toward Taiwan as early as 2027. They basically would like the US to stay out of their intentions toward Taiwan. And if we don't, they're willing to disrupt and destroy parts of these very exposed, very prone facilities. The overwhelming majority don't have a single cybersecurity person, haven't heard of Volt Typhoon, let alone know if and how they should defend themselves. Nor do they have the budget to do so. Turning to recent news and the escalation with Iran, is there anything that is more vulnerable at this moment? Are there any unique risks that Iran poses to the US? Whether it's Russia or Iran or China, all of them have shown they are willing and able to reach out to water facilities, power grids, hospitals, etc. I am most concerned about water. No water means no hospital in about four hours. Any loss of pressure to the hospital's pressure zone means no fire suppression, no surgical scrubbing, no sanitation, no hydration. What we have is increasing exposure that we volunteered into with smart, connected infrastructure. We want the benefit, but we haven't paid the price tag yet. And that was okay when this was mostly criminal activity. But now that these points of access can be used in weapons of war, you could see pretty severe disruption in civilian infrastructure. Now, just because you can hit it doesn't mean you will hit it, right? I'm not encouraging panic at the moment over Iran. I think they're quite busy, and if they're going to use those cyber capabilities, it's a safer assumption they would first use them on Israel. Different predators have different appetites, and prey, and motives. Sometimes it's called access brokering, where they're looking for a compromise and they lay in wait for years. Like in critical infrastructure, people don't upgrade their equipment, they use very old things. If you believe that you'll have that access for a long time, you can sit on it and wait patiently until the time and the place of your choosing. Think of this a little bit like Star Wars. The thermal exhaust port on the Death Star is the weak part. If you hit it, you do a lot of damage. We have a lot of thermal exhaust ports all over water and healthcare specifically. What needs to be done now to mitigate these vulnerabilities? We're encouraging something called cyber-informed engineering. What we've found is if a water facility is compromised, abrupt changes in water pressure can lead to a very forceful and damaging surge of water pressure that could burst pipes. If you were to burst the water main for a hospital, there would be no water pressure to the hospital. So if you wanted to say, 'let's make sure the Chinese military can't compromise the water facility,' you'd have to do quite a bit of cybersecurity or disconnect it. What we're encouraging instead, is something much more familiar, practical. Just like in your house, you have a circuit breaker, so if there's too much voltage you flip a switch instead of burning the house down. We have the equivalent of circuit breakers for water, which are maybe $2,000, maybe under $10,000. They can detect a surge in pressure and shut off the pumps to prevent physical damage. We're looking for analog, physical engineering mitigation. 'Think of this a little bit like Star Wars.' If you want to reduce the likelihood of compromise, you add cybersecurity. But if you want to reduce the consequences of compromise, you add engineering. If the worst consequences would be a physically damaging attack, we want to take practical steps that are affordable and familiar. Water plants don't know cyber, but they do know engineering. And if we can meet them on their turf and help explain to them the consequences and then co-create affordable, realistic, temporary mitigations, we can survive long enough to invest properly in cybersecurity later. Federal agencies under the Trump administration have faced budget and staffing cuts, does that lead to greater vulnerabilities as well? How does that affect the security of our critical infrastructure? Independent of people's individual politics, there was an executive order from the White House in March that shifts more of the balance of power and responsibility to states to protect themselves, for cybersecurity resilience. And it's very unfortunate timing given the context we're in and that it would take time to do this safely and effectively. I think, without malice, there has been a confluence of other contributing factors making the situation worse. Some of the budget cuts in CISA, which is the national coordinator across these sectors, is not great. The Multi-State Information Sharing and Analysis Center is a key resource for helping the states serve themselves, and that too lost its funding. And as of yet, the Senate has not confirmed a CISA director. We should be increasing our public private partnerships, our federal and state level partnerships and there seems to be bipartisan agreement on that. And yet, across the board, the EPA, Health and Human Services, Department of Energy and CISA have suffered significant reduction in budget and staff and leadership. There's still time to correct that, but we are burning daylight on what I see as a very small amount of time to form the plan, to communicate the plan, and execute the plan. Whether we want this or not, more responsibility for cyber resilience and defense and critical functions is falling to the states, to the counties, to the towns, to individuals. Now is the time to get educated and there is a constellation of nonprofit and civil society efforts — one of them is the good work we're doing with this but we also participate in a larger group called Cyber Civil Defense. And we recently launched a group called the Cyber Resilience Corps, which is a platform for anyone who wants to volunteer to help with cybersecurity for small, medium, rural, or lifeline services. It's also a place for people to find and request these volunteers. We're trying to reduce the friction of asking for help and finding help. I think this is one of those moments in history where we want and need more from governments, but cavalry isn't coming. It's going to fall to us.
News.com.au
2 days ago
- News.com.au
Wild thing alleged Western Sydney Uni hacker has to do before release on bail
An alleged hacker accused of ransoming gigabytes of data stolen from Western Sydney University is set to be released on bail but not before her housemate hands over her smart TV. Kingswood woman and firmware engineer Birdie Kingston, 27, appeared via videolink in Parramatta Local Court on Friday, two days after being arrested on a string of serious charges relating to an alleged data breach at the institution. Police opposed her release on bail citing the risk that she could gain access to cloud servers and delete evidence before investigating officers could access them, the court was told on Friday. The former WSU student was arrested over a series of alleged cyber attacks spanning four years with police arguing she was driven by a grievance against the institution. Police have alleged that from 2021 her cyber attacks escalated dramatically, from securing discounted parking and changing her grades before she last year threatened to release data onto the internet. The court heard on Friday she allegedly demanded $80,000 in exchange for the stolen data. She threatened to sell personal information on the dark web and it has been estimated that hundreds of university staff and students were affected, it has been alleged. It's not alleged that the data was ever posted to the internet and the university did not pay the ransom. She was first spoken to by police in 2023 but was not arrested until this week when she was charged with 20 offences. She is facing 10 counts of accessing/modifying restricted data, four counts of unauthorised modification of data, two counts of unauthorised function with intent serious offence, possess data with intent to commit computer offence, dishonestly obtaining property by deception, dishonestly obtaining financial advantage by deception, attempting to dishonestly obtain financial advantage by deception and demand with menaces. Police seized mobile phones and computers from her Kingswood apartment and are combing through mountains of data that is located on cloud servers belonging to Ms Kingston. Ms Kingston appeared in Parramatta Local Court on Friday morning, dressed in the same sweater she was wearing when she was arrested on Wednesday. The police opposed her release on bail, citing the risk of her committing serious offences and tampering with evidence. The court was told on Friday that police were in the process of trying to get access to cloud servers belonging to Ms Kingston. And they were concerned that if she was on bail, that she could get in and delete evidence. Police had accessed one server, but were yet to gain access to others. The court was told that the servers had about 160GB of data on them. In arguing for her release, her solicitor argued that custody would be more onerous given that she had several medical conditions - including ADHD, autism and a heart condition - and because she was transgender. Acting Magistrate Judith Sweeney described Ms Kingston's alleged offending as 'sophisticated, ongoing' and 'impacting people's lives in a way that is unconscionable'. She noted many people had been affected by hacking and identity theft, such as the 2022 Optus data breach. Ms Kingston was released on bail on strict conditions including that she live with her flatmate at Kingston, abide by a curfew and report to police daily. Ms Kingston is also banned from accessing the internet or owning an internet-capable phone. And before she was released, the court ordered that her flatmate surrender her smart TV so there was no risk of Ms Kingston accessing the internet. Ms Kingston will return to court on July 18.
Reuters
2 days ago
- Health
- Reuters
UK health officials say patient's death partially down to cyberattack
WASHINGTON, June 26 (Reuters) - A cyberattack last year against British diagnostic services provider Synnovis contributed to the death of a London hospital patient, British health officials said, providing one of the first confirmations of a death tied to hacking activity. The patient at King's College Hospital in south London died in part because the hack caused a "long wait" for blood test results as well as other factors, the hospital's managing body said on Wednesday, without identifying what they were. The hospital said the patient's family had been informed but did not provide other details. Synnovis' CEO Mark Dollar said in a statement Wednesday: "We are deeply saddened to hear that last year's criminal cyberattack has been identified as one of the contributing factors that led to this patient's death." In the June 2024 hack - attributed to the Qilin ransomware gang - media reports said attackers demanded $50 million from Synnovis for its data. The company did not pay, and the stolen data was later published on the dark web, reports said. The attack disrupted the U.K. healthcare network, and snarled operations at some of London's busiest hospitals. In January Synnovis, opens new tabsaid the hack led to more than 32 million pounds ($43 million) in costs. Medical services providers have been hard hit by ransomware as hackers suspect they will pay quickly to avoid interruptions to healthcare. Deaths have been tied to past ransomware incidents, including a baby in Alabama in 2019, opens new tab and a 78-year-old woman in Germany in 2020, opens new tab, although direct causation can be difficult to establish. The Qilin hackers did not respond to a request for comment on the death. News of the U.K. death was first reported by British healthcare publication HSJ, opens new tab. ($1 = 0.7323 pounds)
The Independent
2 days ago
- Business
- The Independent
Lioncroft Wholesale CEO: 'Technology drives us forward, but let's not forget the risks'
We all recognise the many, many ways technology enables us to innovate and scale. Virtually every UK business relies upon the latest technologies to keep the wheels of industry turning. Technology is how we manage our systems, process orders, handle data, support our people and communicate with the outside world. Technology is the very backbone of our business, leaving us woefully unprepared for if, and when, things go wrong. And go wrong they have, in recent weeks. It has been impossible to miss the news headlines screaming loud about cyber attacks which have wreaked havoc on UK household names such as M&S, the Co-op and Harrods, to name just three. M&S was first struck in April, and as we go to press in June, the business is still in recovery mode with a return to normal not expected until July. Their once-full shelves are now dotted with availability gaps – the ultimate nightmare for a retailer – while their previously booming online sales were brought to an abrupt halt as the company's systems were hacked and disabled. As if this weren't enough, M&S must also brace itself for class action data lawsuits after private data, including millions of customers' household information, telephone numbers and dates of birth, was leaked as a result of the attack. The impact financially is staggering. The losses to the British high street stalwart look set to be unprecedented – Bank of America Global Research predicted the losses to equate to £43m per week, and estimated to run to more than £400m in total – acting as a harsh wake-up call for every business to think more about the technology it relies upon. And this is without taking into consideration the reputational damage an incident like this can cause. The PR spin about technology – always on, always working – has made it a business essential. After all, technology never has an off day, it doesn't make mistakes. It doesn't get ill, tired or burnout. It doesn't get distracted from the task at hand by an unscheduled meeting or an unexpected phone call. It completes the task efficiently and accurately, and moves on to the next. Until it doesn't. So how can it go wrong? Stuart Machin, CEO of M&S, described the security breach as the result of 'social engineering' which came about from 'human error' via a 'third party' although this has yet to be confirmed by the company's internal investigation. In other words, we are the weakest link. We open emails, click on links, share passwords, leave laptops on trains… the list goes on. While it is people that operate the technology, there will always be risks, it is unavoidable. As M&S continue to repair, the smart businesses will now be using this incident as a learning exercise. Every business, regardless of size and sector, is a potential target, so what can we learn from this? Are we protected? How would we respond? These are the questions we must ask ourselves. The fact is, when it comes to cyber protection, the work is never done. A constant stream of new threats are defeated by even newer solutions, and protecting your business goes far beyond strong passwords and the latest virus protection. The experts all agree that businesses need multi-layers of protection to secure their systems, combined with insurance. Are you thinking ahead? We're told that M&S had carried out a cyber attack simulation the previous year and could tap into the learnings from this, responding quickly and effectively. Its business continuity plan kicked in, minimising further damage. Yes, cyber insurance is essential, but as many business owners have found, it is costly, complex and limited with what it will deliver. Explore the options carefully and with caution. While we focus on our systems, of course we must also focus on our people. It is our responsibility to equip staff with the knowledge they need to recognise threats and the tactics used by cyberhackers to ensure your business has a culture of security awareness. There is no doubt that technology is our friend, but let's never forget that it can quickly turn to work against us, as well as for us. Dr Jason Wouhra OBE is CEO of Lioncroft Wholesale, one of the UK's leading food and drink wholesalers. He is also Chancellor of Aston University and Chair of Unitas Wholesale, the UK's largest wholesale buying group.
