Greggs closed!
Greggs closed!
The latest big-name high street food retailer to suffer an outage due to IT issues. Is this the start of a concerted cyberwar to send the masses into revolt, an uprising against our government, making us ready to accept our new Russian leaders?
Or has someone been using a default password on their firewalls again.
Or has someone been using a default password on their firewalls again.
Cheers,
Mike.
Mike.
Re: Greggs closed!
I bet they don't use internet-enabled ovens. So hopefully you could buy a warm sausage roll with cash.
Re: Greggs closed!
In related news - we tried these for dinner a few nights back
and nearing completion, mrs mik declared them to be "Nice, but they are really just Tory Steak Bakes".
and nearing completion, mrs mik declared them to be "Nice, but they are really just Tory Steak Bakes".
Re: Greggs closed!
You jest, but more than once I've seen Teamviewer on their screen of their CCTV with the machine name and password on it. In more than one store.Ascender wrote: ↑Wed Mar 20, 2024 11:52 am The latest big-name high street food retailer to suffer an outage due to IT issues. Is this the start of a concerted cyberwar to send the masses into revolt, an uprising against our government, making us ready to accept our new Russian leaders?
Or has someone been using a default password on their firewalls again.
I do wonder if someone managed to do that, and pivot through the network
Re: Greggs closed!
Beany wrote: ↑Wed Mar 20, 2024 12:39 pmYou jest, but more than once I've seen Teamviewer on their screen of their CCTV with the machine name and password on it. In more than one store.Ascender wrote: ↑Wed Mar 20, 2024 11:52 am The latest big-name high street food retailer to suffer an outage due to IT issues. Is this the start of a concerted cyberwar to send the masses into revolt, an uprising against our government, making us ready to accept our new Russian leaders?
Or has someone been using a default password on their firewalls again.
I do wonder if someone managed to do that, and pivot through the network
Unfortunately I don't jest. Like you, I know how these things can be.... I was doing some work recently for a company who are significantly bigger than Greggs in every way and a pen test showed up that exact issue on some very key production devices. The mind boggles.
Cheers,
Mike.
Mike.
Re: Greggs closed!
Fuckin' oof.
They got CyberEssentials/CE+?
They got CyberEssentials/CE+?
Re: Greggs closed!
Don't even mention that dirty word! I've had way more dealings with those things in the last two years than I ever want to have again!
Cheers,
Mike.
Mike.
Re: Greggs closed!
Oh, same. Thankfully a rather smaller estate here, so less to faff about with...
Re: Greggs closed!
Of course they have, I bet they don't segment the IT and OT stuff and it all sits on the same network. Most places until they get a major breach don't really take Cyber seriously, then they shit themselves as the business insurer puts in a load of requirements and you have to pay a load of consultants to try and uplift your posture toute suite as they won't insure you any more.Beany wrote: ↑Wed Mar 20, 2024 12:39 pmYou jest, but more than once I've seen Teamviewer on their screen of their CCTV with the machine name and password on it. In more than one store.Ascender wrote: ↑Wed Mar 20, 2024 11:52 am The latest big-name high street food retailer to suffer an outage due to IT issues. Is this the start of a concerted cyberwar to send the masses into revolt, an uprising against our government, making us ready to accept our new Russian leaders?
Or has someone been using a default password on their firewalls again.
I do wonder if someone managed to do that, and pivot through the network
Re: Greggs closed!
I did some work for a client recently who are committed to being compliant with cyberessentials and it turned out they'd had a massive security breach 6 months previously. "How did you recover from that?" I asked as I tried to get a lay of the land....
"We just turned lots of stuff off".
Yes, but I mean now, 6 months on, where are you with improvements etc?
"We've not turned it all back on"
And somehow they carried on with their business with all these servers and network kit turned off, at local sites, DCs and in the cloud.
"We just turned lots of stuff off".
Yes, but I mean now, 6 months on, where are you with improvements etc?
"We've not turned it all back on"
And somehow they carried on with their business with all these servers and network kit turned off, at local sites, DCs and in the cloud.
Cheers,
Mike.
Mike.
Re: Greggs closed!
My old employer are doing this, they've chucked something like £30k at someone to come 'consult' on their ISO and CE. Which they never have a chance of passing, not without literally rebuilding the company from scratch.drcarlos wrote: ↑Wed Mar 20, 2024 2:43 pmOf course they have, I bet they don't segment the IT and OT stuff and it all sits on the same network. Most places until they get a major breach don't really take Cyber seriously, then they shit themselves as the business insurer puts in a load of requirements and you have to pay a load of consultants to try and uplift your posture toute suite as they won't insure you any more.Beany wrote: ↑Wed Mar 20, 2024 12:39 pmYou jest, but more than once I've seen Teamviewer on their screen of their CCTV with the machine name and password on it. In more than one store.Ascender wrote: ↑Wed Mar 20, 2024 11:52 am The latest big-name high street food retailer to suffer an outage due to IT issues. Is this the start of a concerted cyberwar to send the masses into revolt, an uprising against our government, making us ready to accept our new Russian leaders?
Or has someone been using a default password on their firewalls again.
I do wonder if someone managed to do that, and pivot through the network
I've been enjoying hearing stories about it.
Re: Greggs closed!
With the benefit of hindsight and having living through the breach and then recovery of (I still think it is) the biggest attack in history it was easy at that time to justify capability and tooling spend. We must have paid out half as much in consultancy as the insurers paid out to us too.
Creating havoc is usually only the cover for something more insidious, which is usually data or credential theft so they can sell it on (data wise) or shift money out of accounts by nefarious means.
In a few weeks it wouldn't surpise me if all gregs loyalty card owners data was for sale on the dark web or someone had the creds or email for a financial bod and shifted a large sum from a bank in fradulent transfer.
Creating havoc is usually only the cover for something more insidious, which is usually data or credential theft so they can sell it on (data wise) or shift money out of accounts by nefarious means.
In a few weeks it wouldn't surpise me if all gregs loyalty card owners data was for sale on the dark web or someone had the creds or email for a financial bod and shifted a large sum from a bank in fradulent transfer.