GlobalData: Cyberattacks on major companies highlight AI and supply chain vulnerabilities, as ingenuity behind attacks is beyond capability of most enterprises to prevent them; battle seemingly lost, as security specialists race to limit AI use by hackers

Sample article from our Logistic & Supply Chain

June 12, 2023 (press release) –

The cyber landscape continues to evolve as major organizations like British Airways, Boots, and the BBC face the aftermath of a crippling cyber attack. With payroll data compromised, attention now turns to the potential targeting of AI vulnerabilities. The battle against cyberattacks seems to have been lost, with vulnerabilities in AI becoming a potential future target, says GlobalData, a leading data and analytics company.

David Bicknell, Principal Analyst, Thematic Intelligence at GlobalData, comments: “The ingenuity behind these attacks is beyond the capability of most enterprises to prevent occurring. They can only take steps to be as resilient as possible. These attacks are tried and tested perhaps more than many realize.”

Analysis by Kroll suggests the Clop ransomware gang has been looking for ways to exploit a now-patched zero-day vulnerability in the MOVEit Transfer managed file transfer (MFT) solution since 2021.

Bicknell adds: “The battle to prevent these sorts of attacks from occurring has already been lost. What is important now is for security specialists – companies, researchers, security vendors, and governments –to put their best efforts into limiting as far as possible the use of artificial intelligence (AI), including generative AI, by hackers for offensive purposes.

“Events this week demonstrated that security researchers can too easily break through so-called guardrails instituted in AI software and manipulate the software into ignoring safety restraints and then revealing private information. If they are not controlled, these vulnerabilities will lead to future AI-driven cyberattacks.”

Rajesh Muru, Principal Analyst, Global Enterprise Cybersecurity Lead at GlobalData, says: “This is a classic case of insufficient risk management posture across company supply chains. Risk management compliance guidelines like NIST go some way to address supply chain cybersecurity risks. However, both user and supplier initiatives around cybersecurity are just not sophisticated enough to drive visibility across the complete supply chain.

“This often leads to end-user enterprises not having visibility on the security posture across the complete supply chain and, more importantly, sufficient time to react.

“The irony of all of this is that Progress very much sells on the premise of secure transferability of sensitive data with MOVEit. The product itself has strong security features, covering cryptographic tamper-evident Logging, Regulatory/Compliance Support (PCI, HIPAA, SOC2, GDPR), and Gateway Reverse Proxy.

“Therefore, it just shows that, even now, with developments in AI and the sheer volume of use cases for it, the question is, is the world moving into a darker place with the potential for adversarial machine learning attacks through vulnerabilities?”

Amy DeCarlo, Principal Analyst, Global IT Hosted and Managed Services at GlobalData, notes: “Clop allegedly exploited a vulnerability in the file transfer software MOVEit to tap personal identifiable information (PII) including names, addresses and banking information.

“This doxware incident, in which instead of cybercriminals encrypting data and demanding ransom in exchange for a decryption key, they threaten to publish the information, is one of a steadily increasing stream of similar incidents.

“Prevention is critical. Organizations need to make sure they are running the most current anti-virus software. Another important defense is end-user education. Attackers often use phishing and other social engineering tactics to breach an enterprise.”

Media Enquiries

If you are a member of the press or media and require any further information, please get in touch, as we're very happy to help.

* All content is copyrighted by Industry Intelligence, or the original respective author or source. You may not recirculate, redistrubte or publish the analysis and presentation included in the service without Industry Intelligence's prior written consent. Please review our terms of use.

See our dashboard in action - schedule an demo
Jason Irving
Jason Irving
- SVP Enterprise Solutions -

We offer built-to-order logistic & supply chain coverage for our clients. Contact us for a free consultation.

About Us

We deliver market news & information relevant to your business.

We monitor all your market drivers.

We aggregate, curate, filter and map your specific needs.

We deliver the right information to the right person at the right time.

Our Contacts

1990 S Bundy Dr. Suite #380,
Los Angeles, CA 90025

+1 (310) 553 0008

About Cookies On This Site

We collect data, including through use of cookies and similar technology ("cookies") that enchance the online experience. By clicking "I agree", you agree to our cookies, agree to bound by our Terms of Use, and acknowledge our Privacy Policy. For more information on our data practices and how to exercise your privacy rights, please see our Privacy Policy.