Latest news with #InstantInsights
Yahoo
4 days ago
- Business
- Yahoo
Retail cyberattacks: AI making threats 'more advanced and personalised'
The use of artificial intelligence (AI) by perpetrators of cyberattacks is increasing the threat to retailers and their customers, according to a cybersecurity industry leader. Speaking on an episode of GlobalData's Instant Insights podcast, Charlotte Wilson, head of enterprise sales at cybersecurity company Check Point Software, said that while the form that cyberattacks take has not changed a great deal, AI is being used to make them more effective. This embedded content is not available in your region. 'I think they're getting far more advanced and highly personalised because of AI,' said Wilson. 'If you take this retail attack, any of the retailers right now, the primary attack is to get the money from the retailer to free up access back to their information, and that's the ransomware itself for the company, the retailer, to pay or not pay or negotiate. 'The secondary attack is all that information that has been gathered can then be sold to other people that then might do a secondary activity with it. And that's where some of the sophistication comes in. That's where social engineering comes in.' Social engineering is the practice of deceiving and manipulating individuals into performing specific actions. It is a well-known tactic of email scammers who purport to be people or companies that they are not to trick victims into giving them personal information. Of the role of retail cyberattacks in facilitating this, Wilson explained: 'There's the first attack, which is to the retailer. The secondary attack is to you and me, the mums and dads, brothers and sisters, the consumer – and AI is making them something you're more likely to click on because they're much more personalised. 'It could be so much as, 'I see that you bought this in the last time that you visited our store. We hope that was great for you. Here's some personalised offers for you based on what you like to shop for,' and if I've got access to you as a loyalty scheme customer, I probably know quite a bit about you.' Wilson was speaking on the episode following the recent spate of cyberattack targeting UK retailers including Marks and Spencer, Co-op and Harrods. They are thought to have been perpetrated by a group known as Scattered Spider using a ransomware-as-a-service platform called DragonForce, of which Wilson says: 'There will be operators that design the ransomware attacks and the malware, and then there are affiliates that will go and use those and exploit it and hold people to ransom. They sometimes have a profit-share model, so it's a profitable way of doing cybercrime.' Despite widespread coverage of the recent attacks, Check Point, which carries out its own cybersecurity research, finds retail to be only the fifth most hacked industry at present. 'It's way, way behind education, government and healthcare,' said Wilson. 'So, it's actually not the biggest attacked. We think they're dealing with about 300 attacks per week. It starts to get into the 1000s when you start to get into the other industries. 'However, obviously once you're in you can hold to ransom at a higher rate because it's so much more public, and you can see just the press at the moment is reporting the retail hacks pretty much every other day.' Wilson went on to explain that retailers are at a particular disadvantage as they typically have a much larger potential attack surface than businesses in other industries. 'Retailers have an incredibly hard job because they're dealing with so many different suppliers of varying degrees,' said Wilson. 'The networks are dynamic. They have lots of things attached to them, so I think they have a really complex job, and, from a hacker's perspective, the path of least resistance is the one they'll choose. 'If you've got lots of things that you have to maintain, you have to make sure are patched, secured and controlled across many different interfaces, it's much easier for you to have something that isn't as up to date as it should be, or isn't as protected as it could be, they're much more susceptible to mistakes.' Wilson gave two main recommendations for retailers to help keep their cybersecurity tight. 'One clear thing they can do is monitor the third-party access to their networks,' she said. 'One challenge that retailers have that is unique is that some of the suppliers to them might be quite small, and so may not hold the same level of security in their organisation as maybe the retailer is.' In addition, she noted that collaboration between security and IT teams when patching vulnerabilities is required is not always adequate. Wilson is of the opinion that the handling of common vulnerability exploits (CVEs) – vulnerabilities that are identified and need to be patched – often fails as a result of miscommunication or misunderstanding between the two teams within a business. 'I just think the CVE part never really gets taken all that seriously,' she explained. 'That bit, for me, is a big thing. If it's being handled by your IT team as opposed to your security team, I think it's important that the security team stress the need for those certain CVEs that are critical to get patched and sorted, or to put those people outside of a blast zone.' "Retail cyberattacks: AI making threats 'more advanced and personalised'" was originally created and published by Just Food, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.
Yahoo
15-05-2025
- Business
- Yahoo
Tariffs affecting US investment decisions by foreign companies
Representatives from numerous non-US companies have told Investment Monitor that they are delaying major US investment decisions as a result of the uncertainty created by the tariffs agenda being pursued by the Trump administration. Delegates at this week's SelectUSA Investment Summit, the country's primary foreign direct investment (FDI) event, cited difficulties in planning ahead while the implementation and level of the proposed tariffs remain unresolved. This embedded content is not available in your region. Speaking to this issue as part of GlobalData's Instant Insights podcast, Yvonne Bendinger-Rothschild, executive director of the European American Chamber of Commerce in New York, told Investment Monitor: 'The problem is more the uncertainty than the tariff itself. I mean, a tariff is a tax, and nobody likes to have a tax all of a sudden put onto them or onto their trade. 'But I think the problem is that we're constantly going back and forth, you know? If we say there's going to be a 10% tariff, then people can plan with it to do something and make forecasts. If you think about it, that we have earnings reports that don't have a forecast in them, that turns every economist's stomach.' Ed Bristol, vice president for international trade at the Consumer Technology Association, added: 'There is a great desire by companies to invest in the United States, but in order to do that, they need predictability and certainty on what the trading environment looks like – not just today, but in the future, both short term, mid-term and long term. 'The current tariff policy – it's much more of a tariff policy that is a trade policy – does not create that necessary certainty and predictability. As a matter of fact, it leaves companies guessing as to how they can position themselves for success.' Bristol went on to note that the imposition of tariffs could in fact discourage businesses from investing and locating in the US – in contrast to one of the aims stated for them by US President Donald Trump – by raising the cost of importing goods that may be required for manufacturing. The Summit, which ran from Sunday (May 11) to yesterday (May 14), is said to have been the largest edition to date, with a number of major investments announced to coincide with it. Oklahoma Governor Kevin Stitt announced a $300m expansion in the state by ammunition manufacturer CBC Global Ammunition, and India's Waaree Energies announced a $200m expansion in its US subsidiary focusing on battery energy storage, for example. However, it was acknowledged by attendees at the conference that the tariffs being imposed are affecting investment in the US. Indeed, Stitt himself said: 'it's affecting everyone.' He went on to note that aviation companies in Oklahoma had told him they were now at a disadvantage and also referenced impacts for wheat, soybean and cotton producers in the state. Barry Broome, president and CEO of the Greater Sacramento Economic Council, commented: 'California is a big international market. So about 40% of our business activity comes from international markets. 60% are domestic. This year, we're down about 26% over last year. I think any time you see uncertainty, people put the brakes on complicated projects.'"Tariffs affecting US investment decisions by foreign companies" was originally created and published by Just Drinks, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.
