Latest news with #IanBatten
Metro
23-05-2025
- Business
- Metro
The simple tactics of hackers targeting major firms like M&S and Co-op
Companies and websites are facing 'constant' cyber attacks after a number of supermarkets were targeted by hackers, an expert has said. Hacks like the one that paralysed Marks and Spencer payment systems and led to customer data being stolen are being attempted 'all the time and everywhere', cyber security expert Dr Ian Batten told Metro. M&S shoppers were greeted with empty shelves after the ransomware attack caused disruption to payments and online ordering. The supermarket will face disruption from the cyber attack for another two months. The website also went down a day after it warned that the disruption could last until July. Co-op was also hit by a cyber attack in April, with customer data stolen, while Harrods also fell victim, with some systems being taken offline. It also emerged this week that logistics firm Peter Green Chilled was targeted, leading to fears that other retailers might be next. But those hackers taking down national institutions are often not carrying out sophisticated attacks, Batten said. Instead, they are using clever tricks and bombarding hundreds of companies in hopes of getting lucky. This time around, the attack has been linked to a mysterious hacking collective known as Scattered Spider. The ongoing M&S outages were caused by a ransomware attack that encrypted the company's servers, BleepingComputer reports. The hackers reportedly could have breached M&S as early as February. According to Dr Batten, a lecturer for the School of Computer Science at the University of Birmingham, the malign agents could have waited months to 'pull the detonator'. 'If they broke in through the front door, into the virtual machine, and are running ransomware inside it, then all the backups are corrupt as well,' Batten told Metro. 'You don't know when they broke in. 'If they're sensible, they would have broken in months ago, planted their thing, and not used it. 'Then they come back later, when all of the backups contain their magic stuff, and then pull the trigger and it all goes horribly wrong.' Dr Batten warns that M&S's own tech experts may still be in the dark about what happened. He added: 'That's where a lot of really smart people are gonna be doing an awful lot of smart work in order to try and figure out what's actually going on.' The impact has been devastating, with M&S potentially losing around £3.5 million per day. The computer whizzes behind these kinds of break-ins are 'not deploying sophisticated technical attacks', Dr Batten says. The hackers, who are often young and unemployed, are simply using the gift of the English language to trick themselves into computer systems, he said. The cyber expert told Metro: 'You phone up an IT help desk and say, 'Hey, it's Dave from the Basingstoke branch. I've got this problem. Could you just give me access to such and such?' 'Most times you won't get away with it, but if you try 100 times, maybe you'll get lucky.' Dr Batten compares it to the scam text messages we all get. He said: 'The point is they are sending a million of those texts, or at least tens of thousands. They only have to get lucky once.' So those behind the attack did not set out to break into M&S directly, they just 'happened to be the ones who succeeded' in getting into. 'It's naive to assume that everyone's motivation is straightforwardly money,' Dr Batten told Metro. Hackers are driven by a wide range of factors, with money often being a secondary consideration. Many are just in it for the recognition of others. 'Solo actors have done some really quite spectacularly bad things just to get the respect of their peers. 'Others then use it as a calling card so that they can then get entrance to the next step, which will be something which will make them money.' Many groups often just want to sow division and chaos in one country, sometimes at the direction of another country. Dr Batten said: 'The ones which are the fronts or the agents of state actors, their objectives may be sowing chaos, mistrust, economic harm. 'They would regard the money as a bonus. They may regard the disruption, to the company as being an end in itself.' The cyber professor is clear that cyber attack attempts are happening all the time. People are constantly running 'vulnerability scanners' across the web to find areas to attack. They are often looking for decades-old flaws, Batten says. So while there is 'a substantial problem', it is difficult to tell whether attacks are truly rising or falling. More Trending He said that what is giving the perception of increased attacks is that more firms are owning up to breaches. He added: 'Marks & Spencer's communication has been fantastic. They have been very clear, very direct, and very straightforward with their customers. 'That will give the perception from the outside that the number of such attacks is increasing, although in reality they're just being admitted to much more honestly.' A version of this article was first published on May 1. Get in touch with our news team by emailing us at webnews@ For more stories like this, check our news page. MORE: Co-op introducing major change to 2,400 stores by 2026 MORE: Prison officer accused of having relationships with two inmates appears in court MORE: New VR shows users horrifying reality of what it's like to be stabbed to death
Metro
21-05-2025
- Business
- Metro
M&S to face disruption from massive cyber attack for another two months
Marks and Spencer has said the fallout from the cyber attack is expected to last until July. M&S was targeted by hackers in April, which disrupted contactless payments and Click and Collect – just one of many major retailers that have been hacked recently. The retailer then confirmed that customer data had been stolen, although it said no passwords or card details were accessed. M&S and customers face further disruption from the attack, expected to last through to July. Shoppers have faced empty shelves in M&S stores after the attack, while online orders were paused for weeks. Its operating profits will be reduced by around £300 million due to the impact of the attack, M&S warned. Experts said that attacks on iconic institutions are often not sophisticated. Instead, hackers resort to tricks and bombard several companies in case one of them hits a vulnerability, cyber security expert Dr Ian Batten told Metro. The M&S outage has been linked to a collective called Scattered Spider, which used a ransomware attack to breach its system. Cyber criminals have also targeted Co-op, Harrods and the Ministry of Justice's Legal Aid Agency, leaving many users in uncertainty over who holds their details. The latest to announce a cyber attack is the Tesco, Sainsbury's and Aldi supplier Peter Green Chilled. More Trending Detectives from the National Crime Agency are investigating the string of attacks. They are focusing on a group known as Scattered Spider, which is thought to include young, English-speaking teenagers, BBC News reports. Paul Foster, the head of the NCA's national cyber crime unit told the broadcaster in a documentary: 'We are looking at the group that is publicly known as Scattered Spider, but we've got a range of different hypotheses and we'll follow the evidence to get to the offenders.' Got a story? Get in touch with our news team by emailing us at webnews@ Or you can submit your videos and pictures here. For more stories like this, check our news page. Follow on Twitter and Facebook for the latest news updates. You can now also get articles sent straight to your device. Sign up for our daily push alerts here. MORE: These are the 9 best (and most comfortable!) ballet flats to wear this summer MORE: The unhealthiest supermarket sandwiches with more calories than a Big Mac MORE: The UK supermarket rewards schemes that are actually worth your loyalty
Metro
13-05-2025
- Business
- Metro
The alarming tactics of hackers targeting major firms like M&S and Co-op
Companies and websites are facing 'constant' cyber attacks after three major supermarkets were targeted by hackers in the last month, an expert has said. Hacks like the one that paralysed Marks and Spencer payment systems and led to customer data being stolen are being attempted 'all the time and everywhere', cyber security expert Dr Ian Batten told Metro. M&S shoppers were greeted with empty shelves after the ransomware attack caused disruption to payments and online ordering. Co-op was also hit by a cyber attack in April, with customer data stolen, while Harrods also fell victim with some systems being taken offline. But those hackers taking down national institutions are often not carrying out sophisticated attacks, Batten said. Instead, they are using clever tricks and bombarding hundreds of companies in hopes of getting lucky. This time around the attack has been linked to a mysterious hacking collective known as Scattered Spider The ongoing M&S outages were caused by a ransomware attack that encrypted the company's servers, BleepingComputer reports. The hackers reportedly could have breached M&S as early as February. According to Dr Batten, a lecturer for the School of Computer Science at the University of Birmingham, the malign agents could have waited months to 'pull the detonator'. 'If they broke in through the front door, into the virtual machine, and are running ransomware inside it, then all the backups are corrupt as well,' Batten told Metro. 'You don't know when they broke in. 'If they're sensible, they would have broken in months ago, planted their thing, and not used it. 'Then they come back later, when all of the backups contain their magic stuff, and then pull the trigger and it all goes horribly wrong.' Dr Batten warns that M&S's own tech experts may still be in the dark about what happened. He added: 'That's where a lot of really smart people are gonna be doing an awful lot of smart work in order to try and figure out what's actually going on.' The impact has been devastating, with M&S potentially losing around £3.5 million per day. The computer whizzes behind these kind of break-ins are 'not deploying sophisticated technical attacks', Dr Batten says. The hackers, who are often young and unemployed, are simply using the gift of the English language to trick themselves into computer systems. The cyber expert told Metro: 'You phone up an IT help desk and say, 'Hey, it's Dave from the Basingstoke branch. I've got this problem. Could you just give me access to such and such?' 'Most times you won't get away with it, but if you try 100 times, maybe you'll get lucky.' Dr Batten compares it to the scam text messages we all get. He said: 'The point is they are sending a million of those texts, or at least tens of thousands. They only have to get lucky one.' So those behind the attack did not set out to break into M&S directly, they just 'happened to be the one that they succeeded' in getting into. 'They had been probing a variety of large corporates,' Batten added. 'It's naive to assume that everyone's motivation is straightforwardly money,' Dr Batten told Metro. Hackers are driven by a wide range of factors, with money often being a secondary consideration. Many are just in it for the recognition of others. 'Solo actors have done some really quite spectacularly bad things just to get the respect of their peers. 'Others then use it as a calling card so that they can then get entrance to the next step, which will be something which will make them money.' Many groups often just want to sow division and chaos in one country, sometimes at the direction of another country. Dr Batten said: 'The ones which are the fronts or the agents of state actors, their objectives may be sowing chaos, mistrust, economic harm. 'They would regard the money as a bonus. They may regard the disruption, to the company as being an end in itself.' The cyber professor is clear that cyber attack attempts are happening all the time. People are constantly running 'vulnerability scanners' across the web to find areas to attack. They are often looking for flaws which are decades old, Batten says. So while there is 'clearly a substantial problem', it is difficult to tell whether attacks are truly rising or falling. More Trending What is giving the perception of increased attacks is that more firms are owning up to breaches. Batten said: 'Marks & Spencer's communication has been fantastic. They have been very clear, very direct, and very straightforward with their customers. 'That will give the perception from the outside that the number of such attacks is increasing, although in reality they're just being admitted to much more honestly.' A version of this article was first published on May 1. Get in touch with our news team by emailing us at webnews@ For more stories like this, check our news page. MORE: Man, 87, attacked and left for dead for 'cornflakes and shepherd's pie' MORE: First pictures of car exploding near Keir Starmer's house in 'arson attack' MORE: Dad 'stabs dead his wife, their two kids and himself hours before son's graduation'
Metro
01-05-2025
- Business
- Metro
The surprising tactics of hackers targeting the likes of M&S and Co-op
Companies and websites are facing 'constant' cyber attacks after two major supermarkets were targeted by hackers in the last week, an expert has said. Hacks like the one that paralsyed Marks and Spencer payment systems are being attempted 'all the time and everywhere', cyber security expert Dr Ian Batten told Metro. M&S shoppers were greeted with empty shelves after the ransomware attack caused disruption to payments and online ordering. Co-op was also hit by a cyber attack on firm reportedly told staff they have 'taken steps to keep systems safe' and had 'pre-emptively withdrawn access to some systems for the moment'. But those hackers taking down national institutions are often not carrying out sophisticated attacks, Batten said. Instead, they are using clever tricks and bombarding hundreds of companies in hopes of getting lucky. This time around the attack has been linked to a mysterious hacking collective known as Scattered Spider The ongoing M&S outages were caused by a ransomware attack that encrypted the company's servers, BleepingComputer reports. The hackers reportedly breached M&S as early as February. According to the Dr Batten, lecturer for the School of Computer Science at the University of Birmingham, the malign agents could have waited months to 'pull the detonator'. 'If they broke in through the front door, into the virtual machine, and are running ransomware inside it, then all the backups are corrupt as well,' Batten told Metro. 'You don't know when they broke in. 'If they're sensible, they would have broken in months ago, planted their thing, and not used it. 'Then they come back later, when all of the backups contain their magic stuff, and then pull the trigger and it all goes horribly wrong.' Dr Batten warns that M&S's own tech experts may still be in the dark about what happened. He added: 'That's where a lot of really smart people are gonna be doing an awful lot of smart work in order to try and figure out what's actually going on.' The impact has been devastating, with M&S potentially losing out on roughly £3.5 million for each day. The computer whizzes behind these kind of break-ins are 'not deploying sophisticated technical attacks', Dr Batten says. The hackers, who are often young and unemployed, are simply using the gift of the English language to trick themselves into computer systems. The cyber expert told Metro: 'You phone up an IT help desk and say, 'Hey, it's Dave from the Basingstoke branch. I've got this problem. Could you just give me access to such and such?' 'Most times you won't get away with it, but if you try 100 times, maybe you'll get lucky.' Dr Batten compares it to the scam text messages we all get. He said: 'the point is they are sending a million of those texts, or at least tens of thousands. They only have to get lucky one.' So those behind the attack did not set out to break into M&S directly, they just 'happened to be the one that they succeeded' in getting in to. 'They had been probing a variety of large corporates,' Batten added. 'It's naive to assume that everyone's motivation is straightforwardly money,' Dr Batten told Metro. Hackers are driven by a wide range of factors, with money often being a secondary consideration. Many are just in it for the recognition of others. 'Solo actors have done some really quite spectacularly bad things just to get the respect of their peers. 'Others then use it as a calling card so that they can then get entrance to the next step, which will be something which will make them money.' Many groups often just want to sow division and chaos in one country, sometimes at the direction of another country. Dr Batten said: 'The ones which are the fronts or the agents of state actors, their objectives may be sowing chaos, mistrust, economic harm. 'They would regard the money as a bonus. They may regard the disruption, to the company as being an end in itself.' The cyber professor is clear that cyber attack attempts are happening all the time. People are constantly running 'vulnerability scanners' across the web to find areas to attack. They are often looking for flaws which are decades old, Batten says. More Trending So while there is 'clearly a substantial problem', it is difficult to tell whether attacks are truly rising or falling. What is giving the perception of increased attacks is that more firms are owning up to breaches. Batten said: 'Marks & Spencer's communication has been fantastic. They have been very clear, very direct, and very straightforward with their customers. 'That will give the perception from the outside that the number of such attacks is increasing, although in reality they're just being admitted to much more honestly.' Get in touch with our news team by emailing us at webnews@ For more stories like this, check our news page.
