Lessons amid the breach

What I found most striking about the high profile cyberattacks on retailers M&S and the Coop earlier this year was how worryingly easy they seem to have been.

Such hacks are often credited in news reports as being 'highly sophisticated', conjuring up images of fiendishly clever programmers devising devastating malware on screens densely packed with fast-moving streams of green digits. The reality however seems to be anything but.

The M&S attack reportedly started with our old and commonly encountered enemy, the SIM swap. This is where crooks dupe a mobile phone provider into transferring a victim's phone number to a different SIM card which they control. This allows the criminals to intercept calls, texts and two-factor authentication codes, and use a trusted employee's mobile number to convince IT staff to reset critical login credentials.