Numerous UK businesses potentially harbor M&S-like cyber intruders within their systems, warns experts.
Rewritten Article:
British businesses might be unaware of the hackers lurking within their systems due to a shift in the hacking industry's business model.
Recently, luxury fashion brand Dior and Marks & Spencer (M&S) have experienced data breaches, with Dior preventing "usable" payment details and passwords from being stolen, while M&S is still grappling with the fallout from an April attack that has halted online shopping and put recruitment on hold.
Co-op managed to narrowly avoid a full-blown crisis by spotting intruders in their network and shutting down operations, and Harrods also revealed they recently repelled hackers attempting to infiltrate their systems. Although these attacks haven't been linked, the growing number of high-profile incidents may be connected to a change in the hacking market, according to Dr Harjinder Lallie.
"It's truly terrifying," said Dr Lallie, a cybersecurity scholar at the University of Warwick, to our outlet. "I've been working in cybersecurity for 26 years - I've never seen a time like this."
The criminals behind DragonForce, a powerful ransomware suite, altered their business strategy.
"They switched to what we call 'ransomware-as-a-service'," explained Dr Lallie. "If I'm Dragon Force, I'll tell you: 'You can use my extremely powerful tools to conduct the attack, and you can keep 80% of whatever you collect, as long as I get 20% of it.'"
This means wannabe hackers no longer require technical expertise to launch an attack. Instead, they can simply acquire the software on dark-web marketplaces, which function much like conventional online marketplaces, complete with vendor ratings.
Preliminary evidence of the DragonForce ransomware has reportedly surfaced in the M&S attack.
Tens of thousands of businesses in the UK might be unknowingly hosting hackers within their networks, according to Dr Lallie.
"There are probably tens of thousands of businesses up and down the UK with hackers inside their network already, and they don't even realize it, I'm afraid," said Dr Lallie. "They're just sitting there, waiting for the right moment to strike."
Professor Manos Panaousis, a cybersecurity professor at the University of Greenwich, added to the problem, stating that artificial intelligence (AI) plays a role.
"Most cybersecurity attacks are social engineering attacks," he said. "With the use of generative AI, social engineering becomes more refined."
Incorporating ransomware-as-a-service and generative AI together lowers the entry barrier for attacks, leading to more sophisticated assaults.
- This change in the hacking market, as mentioned by Dr Lallie, allows less skilled individuals to carry out ransomware attacks, such as the one seen in the M&S attack, by purchasing potent tools on dark-web marketplaces.
- The integration of ransomware-as-a-service and generative AI, as highlighted by Professor Panaousis, has created a more sophisticated threat landscape where specters of cyberattacks, like those experienced by Dior, M&S, Co-op, and Harrods, could proliferate unseen within businesses in the UK.
