Shares in Marks & Spencer continue to slide. Since the UK retailer was subjected to a successful cyber attack last month, more than £750 million ($1 billion) has been wiped off its stock market value.
Slowly, its systems are returning but there are still some gaps on shelves and online orders remain halted. It could take weeks or months to get everything up and running again. Meanwhile, UK brands Co-op and Harrods have also been hit. Others are bracing themselves in the knowledge that these infiltrations tend to come in waves. No matter when this episode is finished, there will be more in the future.
Apart from seeing customers waxing lyrical in the media and on social media about a return to "good old-fashioned shopping", with some even heralding the outbreak as a saviour of beleaguered bricks and mortar stores, it has served to highlight the extraordinary vulnerability of supposedly safe IT. Except it is not of course. Nothing ever is. No security blanket has been invented for anything anywhere that cannot be penetrated somehow.
Usually, however strong the protection, it depends on human beings for its operation. And they are susceptible to committing errors, accepting bribes and falling prey to blagging. In the case of M&S, it appears the cyber criminals committed what is referred to in the jargon as a "social engineering" offence, which really means manipulating people into sharing passwords they shouldn’t.
Typically, this can be:
- phishing and spear phishin: sending fraudulent emails claiming to be from a reputable source or scouring the user’s social media to build up personal detail to make an email – from a gym, say – look all the more believable;
- vishing and smishing: same as the email but using voice or SMS;
- pretexting: setting up a scenario in which the data owner hands over information under false pretences;
- baiting: offering something enticing, such as a gift card, to lure users to exchange that all-important detail;
- tailgating and piggybacking: closely following an authorised user to gain unauthorised access or persuading them to allow access by holding the door open. as it were;
- quid pro quo: providing a trade or service for the code; for example, calling a company and pretending to be from the IT department trying to reach someone with a technical issue.
These are the most popular six. There are others. Merely listing them is exhausting and gives a flavour of the threat and degree of sophistication companies must counter. Now, multiply that number many times for the total of attempts made daily at piercing open, say, a major bank or consumer-facing seller. As a senior executive at a global investment bank executive said, they must defeat thousands every single day. It was like being circled constantly by hordes of insects looking for any weakness, any way in.
The IRA issued a statement after the Brighton bombing that almost killed prime minister Margaret Thatcher in 1984: "Today we were unlucky, but remember we only have to be lucky once. You will have to be lucky always."
That’s how it is for corporations conducting a never-ending battle. And it is ceaseless and relentless – instantly, as one barrier is erected another crack will be found. Probably, in order to function effectively, somewhere it will entail human fragility.
After the M&S break-in, thought to have been carried out by an affiliation of UK and US hackers calling themselves Scattered Spider, the National Cyber Security Centre issued new guidance to combat the technique used. It recommends that organisations "review help desk password reset processes" and pay particular attention to "admin" accounts, which generally have more access throughout a company’s network.
That will necessitate the introduction of further steel gates, but will it be enough? It could make a difference but it will not be sufficient. Where people ultimately hold the keys, nothing is.
What is alarming is how Scattered Spider and its ilk can put distance between themselves and the crime. They smash the window, dig the tunnel or bribe the guard – take your pick – but leave the actual disabling and extorting of a ransom to others. They pass those on and leave the scene. So, the folks that the company is forced to deal with are not those who broke in. That makes them all the harder to trace.
The problem is that companies do deal. They do not like to admit so but they have no choice. Scattered Spider came to attention in September 2023 when MGM Resorts and Caesars Entertainment casino groups in Las Vegas saw their accounts locked. Caesars reputedly handed over about $15 million to have them freed. Companies elsewhere have also paid up in order effectively to be allowed to resume their business.
One solution, as it is with kidnapping, is to deny the means, to not pay. But as with the holding of a person, that requires enormous courage and risk of death.
Another is to pour extra resourcing into policing, to investigating and pursuing. But that requires funding and expertise that many police forces do not have and crucially, it depends on the close, international co-operation between countries, of them coming together to agree to stamp out the villains and, critically, meaning it. We are far from achieving that.
Unfortunately, until we do, there will be further claims of installing foolproof fencing and more chief executives discovering that isn’t true and receiving that late-night call they now dread the most from the IT department.
Benefits of first-time home buyers' scheme
- Priority access to new homes from participating developers
- Discounts on sales price of off-plan units
- Flexible payment plans from developers
- Mortgages with better interest rates, faster approval times and reduced fees
- DLD registration fee can be paid through banks or credit cards at zero interest rates
Global state-owned investor ranking by size
|
1.
|
United States
|
|
2.
|
China
|
|
3.
|
UAE
|
|
4.
|
Japan
|
|
5
|
Norway
|
|
6.
|
Canada
|
|
7.
|
Singapore
|
|
8.
|
Australia
|
|
9.
|
Saudi Arabia
|
|
10.
|
South Korea
|
UAE currency: the story behind the money in your pockets
More from Neighbourhood Watch
Red flags
- Promises of high, fixed or 'guaranteed' returns.
- Unregulated structured products or complex investments often used to bypass traditional safeguards.
- Lack of clear information, vague language, no access to audited financials.
- Overseas companies targeting investors in other jurisdictions - this can make legal recovery difficult.
- Hard-selling tactics - creating urgency, offering 'exclusive' deals.
Courtesy: Carol Glynn, founder of Conscious Finance Coaching
Who was Alfred Nobel?
The Nobel Prize was created by wealthy Swedish chemist and entrepreneur Alfred Nobel.
- In his will he dictated that the bulk of his estate should be used to fund "prizes to those who, during the preceding year, have conferred the greatest benefit to humankind".
- Nobel is best known as the inventor of dynamite, but also wrote poetry and drama and could speak Russian, French, English and German by the age of 17. The five original prize categories reflect the interests closest to his heart.
- Nobel died in 1896 but it took until 1901, following a legal battle over his will, before the first prizes were awarded.
Getting%20there%20and%20where%20to%20stay
%3Cp%3EEtihad%20Airways%20operates%20seasonal%20flights%20from%20Abu%20Dhabi%20to%20Nice%20C%C3%B4te%20d'Azur%20Airport.%20Services%20depart%20the%20UAE%20on%20Wednesdays%20and%20Sundays%20with%20outbound%20flights%20stopping%20briefly%20in%20Rome%2C%20return%20flights%20are%20non-stop.%20Fares%20start%20from%20Dh3%2C315%2C%20flights%20operate%20until%20September%2018%2C%202022.%C2%A0%3C%2Fp%3E%0A%3Cp%3EThe%20Radisson%20Blu%20Hotel%20Nice%20offers%20a%20western%20location%20right%20on%20Promenade%20des%20Anglais%20with%20rooms%20overlooking%20the%20Bay%20of%20Angels.%20Stays%20are%20priced%20from%20%E2%82%AC101%20(%24114)%2C%20including%20taxes.%3C%2Fp%3E%0A%3Cp%3E%3C%2Fp%3E%0A
EA Sports FC 26
Publisher: EA Sports
Consoles: PC, PlayStation 4/5, Xbox Series X/S
Rating: 3/5
Results
5pm: Maiden (PA) Dh80,000 (Turf) 1,200m, Winner: ES Rubban, Antonio Fresu (jockey), Ibrahim Aseel (trainer)
5.30pm: Handicap (PA) Dh85,000 (T) 1,200m, Winner: Al Mobher, Sczcepan Mazur, Ibrahim Al Hadhrami
6pm: Handicap (PA) Dh80,000 (T) 2,200m, Winner: Jabalini, Tadhg O’Shea, Ibrahim Al Hadhrami
6.30pm: Wathba Stallions Cup (PA) Dh70,000 (T) 2,200m, Winner: AF Abahe, Tadgh O’Shea, Ernst Oertel
7pm: Handicap (PA) Dh85,000 (T) 1,600m, Winner: AF Makerah, Tadhg O’Shea, Ernst Oertel
7.30pm: Maiden (TB) Dh80,000 (T) 1,600m, Winner: Law Of Peace, Tadhg O’Shea, Satish Seemar
The biog
Name: Marie Byrne
Nationality: Irish
Favourite film: The Shawshank Redemption
Book: Seagull by Jonathan Livingston
Life lesson: A person is not old until regret takes the place of their dreams
Tips to stay safe during hot weather
- Stay hydrated: Drink plenty of fluids, especially water. Avoid alcohol and caffeine, which can increase dehydration.
- Seek cool environments: Use air conditioning, fans, or visit community spaces with climate control.
- Limit outdoor activities: Avoid strenuous activity during peak heat. If outside, seek shade and wear a wide-brimmed hat.
- Dress appropriately: Wear lightweight, loose and light-coloured clothing to facilitate heat loss.
- Check on vulnerable people: Regularly check in on elderly neighbours, young children and those with health conditions.
- Home adaptations: Use blinds or curtains to block sunlight, avoid using ovens or stoves, and ventilate living spaces during cooler hours.
- Recognise heat illness: Learn the signs of heat exhaustion and heat stroke (dizziness, confusion, rapid pulse, nausea), and seek medical attention if symptoms occur.
UAE currency: the story behind the money in your pockets
Jetour T1 specs
Engine: 2-litre turbocharged
Power: 254hp
Torque: 390Nm
Price: From Dh126,000
Available: Now
The%20Emperor%20and%20the%20Elephant
%3Cp%3E%3Cstrong%3EAuthor%3A%20%3C%2Fstrong%3ESam%20Ottewill-Soulsby%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EPublisher%3A%20%3C%2Fstrong%3EPrinceton%20University%20Press%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EPages%3A%20%3C%2Fstrong%3E392%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EAvailable%3A%20%3C%2Fstrong%3EJuly%2011%3C%2Fp%3E%0A
The specs: Hyundai Ionic Hybrid
Price, base: Dh117,000 (estimate)
Engine: 1.6L four-cylinder, with 1.56kWh battery
Transmission: Six-speed automatic
Power: 105hp (engine), plus 43.5hp (battery)
Torque: 147Nm (engine), plus 170Nm (battery)
Fuel economy, combined: 3.4L / 100km
MATCH INFO
World Cup qualifier
Thailand 2 (Dangda 26', Panya 51')
UAE 1 (Mabkhout 45 2')
The Details
Kabir Singh
Produced by: Cinestaan Studios, T-Series
Directed by: Sandeep Reddy Vanga
Starring: Shahid Kapoor, Kiara Advani, Suresh Oberoi, Soham Majumdar, Arjun Pahwa
Rating: 2.5/5
Key findings of Jenkins report
- Founder of the Muslim Brotherhood, Hassan al Banna, "accepted the political utility of violence"
- Views of key Muslim Brotherhood ideologue, Sayyid Qutb, have “consistently been understood” as permitting “the use of extreme violence in the pursuit of the perfect Islamic society” and “never been institutionally disowned” by the movement.
- Muslim Brotherhood at all levels has repeatedly defended Hamas attacks against Israel, including the use of suicide bombers and the killing of civilians.
- Laying out the report in the House of Commons, David Cameron told MPs: "The main findings of the review support the conclusion that membership of, association with, or influence by the Muslim Brotherhood should be considered as a possible indicator of extremism."
UAE SQUAD
Ali Khaseif, Mohammed Al Shamsi, Fahad Al Dhanhani, Khalid Essa, Bandar Al Ahbabi, Salem Rashid, Shaheen Abdulrahman, Khalifa Al Hammadi, Mohammed Al Attas, Walid Abbas, Hassan Al Mahrami, Mahmoud Khamis, Alhassan Saleh, Ali Salmeen, Yahia Nader, Abdullah Ramadan, Majed Hassan, Abdullah Al Naqbi, Fabio De Lima, Khalil Al Hammadi, Khalfan Mubarak, Tahnoun Al Zaabi, Muhammed Jumah, Yahya Al Ghassani, Caio Canedo, Ali Mabkhout, Sebastian Tagliabue, Zayed Al Ameri
WHAT IS A BLACK HOLE?
1. Black holes are objects whose gravity is so strong not even light can escape their pull
2. They can be created when massive stars collapse under their own weight
3. Large black holes can also be formed when smaller ones collide and merge
4. The biggest black holes lurk at the centre of many galaxies, including our own
5. Astronomers believe that when the universe was very young, black holes affected how galaxies formed
MATCH INFO
CAF Champions League semi-finals first-leg fixtures
Tuesday:
Primeiro Agosto (ANG) v Esperance (TUN) (8pm UAE)
Al Ahly (EGY) v Entente Setif (ALG) (11PM)
Second legs:
October 23
GIANT REVIEW
Starring: Amir El-Masry, Pierce Brosnan
Director: Athale
Rating: 4/5
Lexus LX700h specs
Engine: 3.4-litre twin-turbo V6 plus supplementary electric motor
Power: 464hp at 5,200rpm
Torque: 790Nm from 2,000-3,600rpm
Transmission: 10-speed auto
Fuel consumption: 11.7L/100km
On sale: Now
Price: From Dh590,000
