00:00Cyber attacks are rising sharply with major retailers, car makers and even airports hit.
00:07UK supermarket chain Co-op says an attack earlier this year cost them more than $276 million in lost sales.
00:16Its members had their data stolen in April.
00:19Marks & Spencer and Harrods were also targeted with M&S alone facing a $400 million hit.
00:27Jaguar Land Rover says some of its IT systems are back online after a cyber attack that crippled operations in the UK.
00:36Production has been halted since August with staff off work as a result of the attack.
00:41The car maker has warned that factories may not reopen until next month.
00:45Automaker giant Stellantis also confirmed customer data was stolen in North America this month.
00:52And in Europe, a UK man has been arrested over a ransomware attack that caused major airport delays at Heathrow, Brussels, Berlin and Dublin.
01:01Britain's National Crime Agency says the man in his 40s is out on bail as investigations continue.
01:09Glenn Wilkinson is CEO of AgaLab.
01:12That's a British cyber security company.
01:14Yeah, so the surge in attacks is largely down to two large factors.
01:20The first one is it's a low cost.
01:22So it's not a huge barrier to entry for these criminals to get into this market as opposed to traditional crime with a lot more barriers to entry, I would say.
01:31And the other possibly bigger component is almost the industrialization of the underground economy.
01:37So these cyber criminals have entire underground markets where these ransomware gangs supply the ransom software.
01:45We have things called ransomware as a service now.
01:48We can go on the dark web and you can join an affiliate program to get access to ransomware.
01:51You don't even have to write it.
01:53You can buy access to already compromised systems by initial access brokers.
01:57And then there are support channels and chat channels.
01:59So it's a very almost well-oiled, efficient, sophisticated criminal network.
02:05And it's really pushing the almost pushing the criminal envelope in these in these types of attacks.
02:10Has the rise of AI in the last few years played any part in these attacks?
02:16Yeah, so the AI question is an interesting one to I would say to a small degree at this stage.
02:22It's facilitating these types of attacks and that component comes in almost indirectly.
02:26So maybe it's the spear phishing emails, which are, you know, they're better wording or better language or the landing pages to trick you.
02:33AI has assisted in making those.
02:36So there's some kind of almost indirect upskilling of the lower levels of various hacker groups.
02:42In terms of enhancing the capability of those groups that are already quite capable, we're not seeing too much of that.
02:49The one interesting thing that we have seen is a new variant of ransomware that came out recently.
02:53It was discovered by ESSET and it was called, well, they named it PromptLock.
02:57And essentially, it's a large language model that is downloaded onto your computer and it almost compiles the ransomware, creates the ransomware in real time.
03:06So it's like having a tiny little AI bot that gets downloaded and it looks at your system, looks at your files, tries to understand the environment,
03:14and then builds custom ransomware just for that, just for that instance, just for that computer, which makes it hard to bypass because it's a, it's almost a novel variant.
03:22I think moving forward, we'll probably see AI playing a much more fundamental part where it's upscaling capabilities, allowing autonomous, large scale, almost breadth of attacks.
03:33One human could only do so much damage, but a thousand bots can probably spread that damage.
03:36If we look at insurance cover, obviously there is insurance cover for cyber attacks, but there's a lot of discussion around whether it's actually enough,
03:45because we're not, especially in the case of Jaguar Land Rover, we don't know how much cover they have, if they actually have insurance cover,
03:53and whether it would assist the downstream people, the third parties, that sort of thing.
03:58Do you think that's an area where companies need to invest in more heavily?
04:01Yeah, the cyber insurance question is, is a good one and a hard one to answer, to be honest, they're spot on.
04:08Jaguar Land Rover, they don't talk to Lockton, I believe, they didn't quite make the discussions or the finalize everything in time.
04:15Cyber insurance is definitely a good thing to have for a lot of reasons.
04:18It can be quite tricky, it's like any insurance, you have to make sure you adhere to their terms and conditions,
04:23because sometimes if all your systems aren't patched or up to date, you'll be in violation of any claims and you won't get the, get the money back.
04:30So you have to make sure, even if you do have cyber insurance, that you have almost the right kind and that you're fully compliant.
04:37The one interesting caveat with cyber insurance is that ransomware gangs may target organizations that they know have cyber insurance,
04:45because then they know they're going to get a payout.
04:47And we've seen instances where hackers will break in, they'll dig through your inbox,
04:50they'll find your cyber insurance policies, and then they'll drop their ransomware and say,
04:54right, I know your cyber insurance is £5 million, so I'm holding you to ransom for £4 million,
04:58£4 million for you, and save the million over just to get your systems back up and running.
05:02So there's definitely that interesting, almost side caveat there of having cyber insurance.
Comments