In the last days of summer, the Jaguar Land Rover manufacturing plant in Liverpool called a halt after its luxury material supply was no longer guaranteed after a major cyber attack upended its suppliers.
The cost in lost revenue to the Jaguar Land Rover company, which exports Range Rovers, Land Rover and Jaguar luxury vehicles to the world, could total more than £2.2 billion ($2.9 billion) if the shutdown of three of its factories goes into October. The interruption of output threatens its 30,000 direct employees and the 200,000 people in its supply chain.
It is a calamity of such seriousness that the UK government has been forced to step in, but it is also a sign that Britain − and other developed countries − are dangerously vulnerable to the young adults who make up the foot soldiers of global cyber crime gangs.
JLR’s travails came on the heels of a cyber crime spring and summer in which it was joined by retailers Marks and Spencer and Harrods and the food store chain Co-op in suffering devastating business interruptions. All the brands are emblematic of the UK and leading businesses.
The cost to M&S was about £300 million, the Co-op lost an estimated £100 million, while the disruption cost Harrods about £30 million.
Total cost to the companies could be more than £2.65 billion in lost revenue − which is about half the annual budget of the spy agency GCHQ, charged with protecting the UK against cyber crime.
The problem is, according to experts spoken to by The National, the luxury brands will continue to be targeted because they are “so valuable and have such large databases” and GCHQ has excellent but limited resources.
Brand Britain
But if “Brand Britain” is under siege shouldn’t government be doing more to provide the defences?
As it is GCHQ and its National Cyber Security Centre arm is under significant pressure fighting off state actors − mainly Russia, China and Iran − while also attempting to defend Britain’s critical infrastructure from cyber assault.
The security services, said Prof Oli Buckley of Loughborough University, “can’t directly protect every company from every possible cyber threat” because that “would be like asking the Met Office to stop it raining”.
Essentially it is now down to companies to protect themselves as all that hackers need today is “one crack in the door” and they’re in.
That was ably demonstrated by the gang that managed to get around M&S’s “hardened perimeter” via a supplier, who will not have the same level of security, said Prof Madeline Carr, cyber security expert at University College London.
“Basically, since we have moved the economy online we have never really prepared for this,” she added.
The UK has “significant cyber vulnerabilities” and it was “widely recognised that better cyber security and resilience is needed”, particularly for UK critical infrastructure as it was a “relatively rich target for cyber criminals”, said Dr Joseph Devanny, of the Department of War Studies, King's College London.
Category one
Security sources told The National that while there might be a “blind spot” in Britain’s defences – as there are in almost every country’s – companies “need to be doing more to protect themselves”.
There is also a need for more resources, especially for the National Crime Agency that leads on cyber, said Dr Gareth Mott, of the Royal United Services Institute think tank.
There is a suggestion too that what veteran Labour MP Liam Byrne described as a “digital siege” on big companies is a new form of modern-day terrorism.
With the attacks increasing the chair of business committee argued that the government needed to act as a backstop to a “different insurance system” to help companies.
A security source said that getting domestic security agency MI5 involved was unlikely, as there had not yet been a cultural shift − as there was in 2000s on counter-terrorism − “because there’s nobody threatening us with guns and bombs”.
Enlisting MI5 or counter-terrorism teams was also not the right approach as it was “like using a chainsaw to trim your toenails”, said Prof Buckley.
However, it might take a Category One incident, that could see loss of life from a hospital shutdown or mass pollution of sewage leaking into drinking water, to make real changes, he added.
“Cyber incidents are serious, but they’re not bombs dropping from the sky. What we’re seeing now is a perfect storm of criminal opportunity, geopolitical tension, supply-chain fragility and a growing dependence on complex and interconnected systems,” he said.
As Britain had not yet experienced “that cultural shift in cyber”, Dr Mott called for a “more aggressive, interventionist government policy” but admitted that had been low on its priority list. “It’s just that we haven't seen a Category One incident … yet.”
Darknet dangers
Despite their deeply damaging impact, very little is known about the criminals behind the attacks beyond their cyberpunk names such as Scattered Spider, Lapsus$ and ShinyHunters.
They are usually a disparate assembly of young criminals, some teenagers, who spend many hours online usually in “darknet communities” planning how to hold western economies to ransom.
They are mainly based in Britain or America using their local knowledge and accents to hoodwink people by “vishing” − voice and phishing − alongside sophisticated internet tools that are now so accessible.
“It’s a much more lucrative, low-cost, low-risk way of committing, organised crime now because the chances of being apprehended are very low,” said Prof Carr.
Some of the gangs like Lapsus$ − also known as Strawberry Tempest − have very few members, perhaps seven, including two teenagers, with a presence in both Britain and Brazil.
Digital doorknobs
It is not known how much cash is paid by major companies for ransomware – something the government discourages – but there are reports of hefty payments.
However, a part of it is done for the bragging rights and it “makes a far better story when it’s an iconic brand”, said Prof Buckley.
“The attackers rattle digital doorknobs to see who’s left theirs unlocked, or they exploit supply-chain links that just happen to include a big name,” he added.
That is a shift away from state hackers, who remain a threat, as do the mass hacking farms found in Cambodia and Myanmar.
The problem was that “criminal tactics, techniques and procedures are outpacing businesses' cyber preparedness”, said Kailyn Johnson, the cyber lead at Sibylline intelligence company.
But it’s not just the mischief, notoriety or cash. The criminals also soak up and sell the valuable data that’s especially useful from JLR’s customers who can afford the £106,000 latest Land Rover.
“It’s almost inevitable criminals shifted to this kind of ecosystem where we share valuable data that can be monetised,” said Prof Carr.
Ms Johnson agreed. “Lucrative data that will certainly sell for high prices on the dark web.”
Cyber law
The crime is growing so quickly that is has now become a “game of whack-a-mole as global law enforcement agencies co-ordinate to take down criminal infrastructure” only for the gangs to “disband and reform down the line”, said Virpratap Vikram Singh from the International Institute for Strategic Studies think tank's cyber security team.
The UK in particularly was “witnessing a notable increase in incidents” with NCSC reporting a doubling of “nationally significant” cyber incidents.
That will require much more resources. But firstly the government needs to get its Cyber Security and Resilience Bill through Parliament that will require major companies to manage their critical infrastructure.
Expect it to get worse, argued Joyce Hakmeh, Chatham House think tank’s international security expert. “The criminals learn from each other, what works, and apply it so there's an urgent need to do something because the scope and impact are clear.”
The problem was the “barriers to entry have definitely lowered” as unlike in the past the “sophisticated tools are much more accessible” and AI has yet to play a major role.
Cyber shoplifters
The JLR hack in particular might well have shaken the government into greater activity, but that will not help the company, Harrods or Co-op all of whom did not have insurance cover, unlike M&S.
Long gone are the days when profits were held back by shoplifters or suspicious packages.
As businesses have grabbed the opportunities offered by going online, so criminals have shifted to the internet, posing a serious threat to the economy.
This is something that the security services admitted needs to be thoroughly reviewed. “The high-profile cyber attacks we have seen in recent weeks must give us pause – not because they are unique, but because they are not,” an NCSC spokesman said. “They merely serve to highlight the reality of what the National Cyber Security Centre sees every day.”
Mountain%20Boy
%3Cp%3E%3Cstrong%3EDirector%3A%3C%2Fstrong%3E%20Zainab%20Shaheen%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStarring%3A%3C%2Fstrong%3E%20Naser%20Al%20Messabi%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ERating%3C%2Fstrong%3E%3A%203%2F5%3C%2Fp%3E%0A
The five pillars of Islam
1. Fasting
2. Prayer
3. Hajj
4. Shahada
5. Zakat
What are the GCSE grade equivalents?
- Grade 9 = above an A*
- Grade 8 = between grades A* and A
- Grade 7 = grade A
- Grade 6 = just above a grade B
- Grade 5 = between grades B and C
- Grade 4 = grade C
- Grade 3 = between grades D and E
- Grade 2 = between grades E and F
- Grade 1 = between grades F and G
Skewed figures
In the village of Mevagissey in southwest England the housing stock has doubled in the last century while the number of residents is half the historic high. The village's Neighbourhood Development Plan states that 26% of homes are holiday retreats. Prices are high, averaging around £300,000, £50,000 more than the Cornish average of £250,000. The local average wage is £15,458.
Mission%3A%20Impossible%20-%20Dead%20Reckoning%20Part%20One
%3Cp%3E%3Cstrong%3EDirector%3A%3C%2Fstrong%3E%20Christopher%20McQuarrie%3Cbr%3E%3Cstrong%3EStars%3A%3C%2Fstrong%3E%20Tom%20Cruise%2C%20Hayley%20Atwell%2C%20Pom%20Klementieff%2C%20Simon%20Pegg%3Cbr%3E%3Cstrong%3ERating%3A%3C%2Fstrong%3E%204%2F5%3C%2Fp%3E%0A
Results
6.30pm: The Madjani Stakes (PA) Group 3 Dh175,000 (Dirt) 1,900m
Winner: Aatebat Al Khalediah, Fernando Jara (jockey), Ali Rashid Al Raihe (trainer).
7.05pm: Maiden (TB) Dh165,000 (D) 1,400m
Winner: Down On Da Bayou, Royston Ffrench, Salem bin Ghadayer.
7.40pm: Maiden (TB) Dh165,000 (D) 1,600m
Winner: Dubai Avenue, Fernando Jara, Ali Rashid Al Raihe.
8.15pm: Handicap (TB) Dh190,000 (D) 1,200m
Winner: My Catch, Pat Dobbs, Doug Watson.
8.50pm: Dubai Creek Mile (TB) Listed Dh265,000 (D) 1,600m
Winner: Secret Ambition, Tadhg O’Shea, Satish Seemar.
9.25pm: Handicap (TB) Dh190,000 (D) 1,600m
Winner: Golden Goal, Pat Dobbs, Doug Watson.
The specs: Audi e-tron
Price, base: From Dh325,000 (estimate)
Engine: Twin electric motors and 95kWh battery pack
Transmission: Single-speed auto
Power: 408hp
Torque: 664Nm
Range: 400 kilometres
WHAT%20IS%20'JUICE%20JACKING'%3F
%3Cp%3E%E2%80%A2%20Juice%20jacking%2C%20in%20the%20simplest%20terms%2C%20is%20using%20a%20rogue%20USB%20cable%20to%20access%20a%20device%20and%20compromise%20its%20contents%3C%2Fp%3E%0A%3Cp%3E%E2%80%A2%20The%20exploit%20is%20taken%20advantage%20of%20by%20the%20fact%20that%20the%20data%20stream%20and%20power%20supply%20pass%20through%20the%20same%20cable.%20The%20most%20common%20example%20is%20connecting%20a%20smartphone%20to%20a%20PC%20to%20both%20transfer%20data%20and%20charge%20the%20former%20at%20the%20same%20time%3C%2Fp%3E%0A%3Cp%3E%E2%80%A2%20The%20term%20was%20first%20coined%20in%202011%20after%20researchers%20created%20a%20compromised%20charging%20kiosk%20to%20bring%20awareness%20to%20the%20exploit%3B%20when%20users%20plugged%20in%20their%20devices%2C%20they%20received%20a%20security%20warning%20and%20discovered%20that%20their%20phones%20had%20paired%20to%20the%20kiosk%2C%20according%20to%20US%20cybersecurity%20company%20Norton%3C%2Fp%3E%0A%3Cp%3E%E2%80%A2%20While%20juice%20jacking%20is%20a%20real%20threat%2C%20there%20have%20been%20no%20known%20widespread%20instances.%20Apple%20and%20Google%20have%20also%20added%20security%20layers%20to%20prevent%20this%20on%20the%20iOS%20and%20Android%20devices%2C%20respectively%3C%2Fp%3E%0A
FORSPOKEN
%3Cp%3EDeveloper%3A%20Luminous%20Productions%0D%3Cbr%3EPublisher%3A%20Square%20Enix%0D%3Cbr%3EConsole%3A%20PC%2C%20PS5%0D%3Cbr%3ERelease%20date%3A%20January%3C%2Fp%3E%0A
Company%20of%20Heroes%203
%3Cp%3EDeveloper%3A%20Relic%20Entertainment%3Cbr%3EPublisher%3A%20SEGA%3Cbr%3EConsole%3A%20PC%2C%20PS5%2C%20XSX%3Cbr%3ERelease%20date%3A%20February%3C%2Fp%3E%0A
Star%20Wars%20Jedi%3A%20Survivor
%3Cp%3EDeveloper%3A%20Respawn%20Entertainment%0D%3Cbr%3EPublisher%3A%20Electronic%20Arts%0D%3Cbr%3EConsole%3A%20PC%2C%20PS5%2C%20XSX%0D%3Cbr%3ERelease%20date%3A%20March%3C%2Fp%3E%0A
Suicide%20Squad%3A%20Kill%20the%20Justice%20League
%3Cp%3EDeveloper%3A%20Rocksteady%20Studios%0D%3Cbr%3EPublisher%3A%20Warner%20Bros%0D%3Cbr%3EConsole%3A%20PC%2C%20PS5%2C%20XSX%0D%3Cbr%3ERelease%20date%3A%20May%3C%2Fp%3E%0A
Final%20Fantasy%20XVI
%3Cp%3EDeveloper%3A%20Square%20Enix%0D%3Cbr%3EPublisher%3A%20Square%20Enix%0D%3Cbr%3EConsole%3A%20PS5%0D%3Cbr%3ERelease%20date%3A%20June%3C%2Fp%3E%0A
Street%20Fighter%206
%3Cp%3EDeveloper%3A%20Capcom%0D%3Cbr%3EPublisher%3A%20Capcom%0D%3Cbr%3EConsole%3A%20PS5%2C%20XSX%2C%20PC%0D%3Cbr%3ERelease%20date%3A%20June%3C%2Fp%3E%0A
Diablo%20IV
%3Cp%3EDeveloper%3A%20Blizzard%20Entertainment%0D%3Cbr%3EPublisher%3A%20Blizzard%20Entertainment%0D%3Cbr%3EConsole%3A%20PC%2C%20PS5%2C%20XSX%0D%3Cbr%3ERelease%20date%3A%20June%3C%2Fp%3E%0A
Baldur's%20Gate%203
%3Cp%3EDeveloper%3A%20Larian%20Studios%0D%3Cbr%3EPublisher%3A%20Larian%20Studios%0D%3Cbr%3EConsole%3A%20PC%0D%3Cbr%3ERelease%20date%3A%20August%3C%2Fp%3E%0A
The%20Legend%20of%20Zelda%3A%20Tears%20of%20The%20Kingdom
%3Cp%3EDeveloper%3A%20Nintendo%0D%3Cbr%3EPublisher%3A%20Nintendo%0D%3Cbr%3EConsole%3A%20Nintendo%20Switch%0D%3Cbr%3ERelease%20date%3A%20September%3C%2Fp%3E%0A
Marvel's%20Spider-Man%202
%3Cp%3EDeveloper%3A%20Insomniac%20Games%0D%3Cbr%3EPublisher%3A%20PlayStation%0D%3Cbr%3EConsole%3A%20PS5%0D%3Cbr%3ERelease%20date%3A%20Fall%3C%2Fp%3E%0A
Assassin's%20Creed%20Mirage
%3Cp%3EDeveloper%3A%20Ubisoft%0D%3Cbr%3EPublisher%3A%20Ubisoft%0D%3Cbr%3EConsole%3A%20PC%2C%20PS5%2C%20XSX%2C%20Amazon%20Luna%0D%3Cbr%3ERelease%20date%3A%202023%3C%2Fp%3E%0A
Starfield
%3Cp%3EDeveloper%3A%20Bethesda%20Game%20Studios%0D%3Cbr%3EPublisher%3A%20Bethesda%20Softworks%0D%3Cbr%3EConsole%3A%20PC%2C%20Xbox%0D%3Cbr%3ERelease%20date%3A%202023%3C%2Fp%3E%0A
The%20specs
%3Cp%3E%3Cstrong%3EPowertrain%3A%20%3C%2Fstrong%3ESingle%20electric%20motor%0D%3Cbr%3E%3Cstrong%3EPower%3A%20%3C%2Fstrong%3E201hp%0D%3Cbr%3E%3Cstrong%3ETorque%3A%20%3C%2Fstrong%3E310Nm%0D%3Cbr%3E%3Cstrong%3ETransmission%3A%20%3C%2Fstrong%3ESingle-speed%20auto%0D%3Cbr%3E%3Cstrong%3EBattery%3A%20%3C%2Fstrong%3E53kWh%20lithium-ion%20battery%20pack%20(GS%20base%20model)%3B%2070kWh%20battery%20pack%20(GF)%0D%3Cbr%3E%3Cstrong%3ETouring%20range%3A%20%3C%2Fstrong%3E350km%20(GS)%3B%20480km%20(GF)%0D%3Cbr%3E%3Cstrong%3EPrice%3A%20%3C%2Fstrong%3EFrom%20Dh129%2C900%20(GS)%3B%20Dh149%2C000%20(GF)%0D%3Cbr%3E%3Cstrong%3EOn%20sale%3A%3C%2Fstrong%3E%20Now%3C%2Fp%3E%0A
Islamophobia definition
A widely accepted definition was made by the All Party Parliamentary Group on British Muslims in 2019: “Islamophobia is rooted in racism and is a type of racism that targets expressions of Muslimness or perceived Muslimness.” It further defines it as “inciting hatred or violence against Muslims”.
Frankenstein in Baghdad
Ahmed Saadawi
Penguin Press
COMPANY PROFILE
Initial investment: Undisclosed
Investment stage: Series A
Investors: Core42
Current number of staff: 47
Meydan racecard:
6.30pm: Handicap | US$135,000 (Dirt) | 1,400 metres
7.05pm: Handicap | $135,000 (Turf) | 1,200m
7.40pm: Dubai Millennium Stakes | Group 3 | $200,000 (T) | 2,000m
8.15pm: UAE Oaks | Group 3 | $250,000 (D) | 1,900m
8.50pm: Zabeel Mile | Group 2 | $250,000 (T) | 1,600m
9.20pm: Handicap | $135,000 (T) | 1,600m
Countries offering golden visas
UK
Innovator Founder Visa is aimed at those who can demonstrate relevant experience in business and sufficient investment funds to set up and scale up a new business in the UK. It offers permanent residence after three years.
Germany
Investing or establishing a business in Germany offers you a residence permit, which eventually leads to citizenship. The investment must meet an economic need and you have to have lived in Germany for five years to become a citizen.
Italy
The scheme is designed for foreign investors committed to making a significant contribution to the economy. Requires a minimum investment of €250,000 which can rise to €2 million.
Switzerland
Residence Programme offers residence to applicants and their families through economic contributions. The applicant must agree to pay an annual lump sum in tax.
Canada
Start-Up Visa Programme allows foreign entrepreneurs the opportunity to create a business in Canada and apply for permanent residence.
The low down
Producers: Uniglobe Entertainment & Vision Films
Director: Namrata Singh Gujral
Cast: Rajkummar Rao, Nargis Fakhri, Bo Derek, Candy Clark
Rating: 2/5
RUGBY CHAMPIONSHIP FIXTURES
September 30
South Africa v Australia
Argentina v New Zealand
October 7
South Africa v New Zealand
Argentina v Australia
Benefits of first-time home buyers' scheme
- Priority access to new homes from participating developers
- Discounts on sales price of off-plan units
- Flexible payment plans from developers
- Mortgages with better interest rates, faster approval times and reduced fees
- DLD registration fee can be paid through banks or credit cards at zero interest rates
THE DETAILS
Director: Milan Jhaveri
Producer: Emmay Entertainment and T-Series
Cast: John Abraham, Manoj Bajpayee
Rating: 2/5
Diriyah%20project%20at%20a%20glance
%3Cp%3E-%20Diriyah%E2%80%99s%201.9km%20King%20Salman%20Boulevard%2C%20a%20Parisian%20Champs-Elysees-inspired%20avenue%2C%20is%20scheduled%20for%20completion%20in%202028%3Cbr%3E-%20The%20Royal%20Diriyah%20Opera%20House%20is%20expected%20to%20be%20completed%20in%20four%20years%3Cbr%3E-%20Diriyah%E2%80%99s%20first%20of%2042%20hotels%2C%20the%20Bab%20Samhan%20hotel%2C%20will%20open%20in%20the%20first%20quarter%20of%202024%3Cbr%3E-%20On%20completion%20in%202030%2C%20the%20Diriyah%20project%20is%20forecast%20to%20accommodate%20more%20than%20100%2C000%20people%3Cbr%3E-%20The%20%2463.2%20billion%20Diriyah%20project%20will%20contribute%20%247.2%20billion%20to%20the%20kingdom%E2%80%99s%20GDP%3Cbr%3E-%20It%20will%20create%20more%20than%20178%2C000%20jobs%20and%20aims%20to%20attract%20more%20than%2050%20million%20visits%20a%20year%3Cbr%3E-%20About%202%2C000%20people%20work%20for%20the%20Diriyah%20Company%2C%20with%20more%20than%2086%20per%20cent%20being%20Saudi%20citizens%3Cbr%3E%3C%2Fp%3E%0A
