Countless British companies may be at risk of having hackers lurking within their systems, thanks to a shift in the hacking business model. Luxury brand Dior recently disclosed that some customer data was stolen, while M&S continues to grapple with the aftermath of an attack that began in April. M&S recently confirmed that customer data was compromised, although sensitive payment details and passwords were unaffected. Online shopping at M&S remains offline, and recruitment efforts have been halted as the company works to contain the impact of the breach. Other retailers like Co-op and Harrods have also faced cyber threats, with Co-op managing to avert a major crisis by detecting criminals in its network and shutting down operations. Meanwhile, Harrods successfully repelled hackers attempting to exploit its systems. Although investigations have not linked these incidents, the rise in high-profile breaches may be attributed to changes in the hacking market, according to Dr. Harjinder Lallie, a cybersecurity expert at the University of Warwick. The emergence of «ransomware-as-a-service» models, such as DragonForce, has made it easier for aspiring hackers to launch attacks without the need for technical expertise. These cybercriminals can now purchase powerful tools on dark web forums, resembling online marketplaces, and even receive a portion of the ransom collected. The DragonForce ransomware has reportedly been linked to the M&S attack. With hackers infiltrating businesses through social engineering tactics, tens of thousands of UK companies could unknowingly have hackers within their networks, waiting for the opportune moment to strike. The integration of artificial intelligence only complicates the cybersecurity landscape, as most attacks are rooted in social engineering tactics, as noted by Professor Manos Panaousis from the University of Greenwich. Many UK companies at risk of M&S-style hackers in systems

Tens of thousands of British businesses could potentially have hackers lurking within their systems due to a shift in the hacking business model.

Recently, luxury fashion brand Dior disclosed that some customer data was compromised by attackers, while M&S continues to deal with the aftermath of an attack that began in April.

M&S confirmed on Tuesday that customer data was stolen, although no «usable» payment information or passwords were taken.

Online shopping remains unavailable at M&S, and recruitment activities have been paused as the company works to manage the effects of the attack.

Co-op managed to avert a major crisis by detecting criminals in its network and shutting down its operations, while Harrods also recently successfully defended against attempted hackers.

Although these attacks have not been linked by investigators, the rise in high-profile incidents could be attributed to changes in the hacking market, as suggested by Dr. Harjinder Lallie.

«It’s quite alarming,» stated Dr. Lallie, a cybersecurity expert at the University of Warwick, in an interview with Sky News.

«I’ve been in the field of cybersecurity for 26 years, and I’ve never witnessed a situation like this before.»

The perpetrators behind DragonForce, a potent tool suite that extorts companies for ransom, recently altered their business strategy.

«They transitioned to what we call ‘ransomware-as-a-service’ model.

«If I were DragonForce, I would offer you: ‘You can utilize my extremely powerful tools for carrying out the attack, and you can retain 80% of the proceeds, as long as I receive 20% of it,'» explained Dr. Lallie.

This implies that aspiring hackers no longer require technical expertise to launch an attack, he added.

Now, individuals can simply purchase the software from dark-web forums that function like regular online marketplaces, complete with vendor ratings.

Reports suggest that traces of the DragonForce ransomware have been identified in the M&S attack.

For more on climate, science, and technology:
M&S confirms hackers accessed customers’ personal data
AI systems can make group decisions and influence each other
Warnings issued about heat’s impact on pregnant women and newborns

In incidents like M&S’s, criminals infiltrate a company’s networks, often by deceiving someone into granting them access, and then spend time gathering information, including potential weaknesses and network configurations.

«It’s likely that tens of thousands of businesses across the UK have hackers already present in their networks without their knowledge,» Dr. Lallie warned.

«I don’t mean to spread fear, but that’s the reality. They’re lurking in your network, waiting for the opportune moment to strike.»

Professor Manos Panaousis, a cybersecurity expert at the University of Greenwich, also highlighted the role of artificial intelligence in exacerbating the issue.

«The majority of cybersecurity attacks involve social engineering tactics,» he explained. Could you please rephrase that? Can you rewrite this sentence for me? Please rewrite this sentence.

SOURCE