Tech
Pulling the plug: A way to halt a cyber attacker in your network? | Computer Weekly
There’s a cyber attack under way. An intruder is inside your network: moving freely, collecting data, and setting up a command-and-control (C&C) node for future communication. Except this time, you’re watching them – you can see what they’re doing. The dilemma remains: what do you do? Allow them to continue traversing the network while you operate, wait for forensic specialists to arrive or find a way to stop them?
Earlier this year, a BBC news report on the Co-op incident claimed that the IT team at the UK retailer “made the decision to take computer services offline, preventing the criminals from continuing their hack”.
The criminals sent a message to the BBC, stating: “Co-op’s network never ever suffered ransomware. They yanked their own plug – tanking sales, burning logistics and torching shareholder value.”
In its statement, Co-op said it “took early and decisive action to protect our Co-op, including restricting access to some systems”, which helped to contain the issue, prevent further data being accessed and protect the wider organisation.
When questioned at the Business and Trade Sub-Committee in July, Co-op representatives did not use the phrase “pulling the plug” directly. But Rob Elsey, group chief digital information officer at Co-op, said VPN and remote access were restricted “as a way of ensuring that we were able to keep the criminals out of our systems”.
Elsey explained that software within its network was “effectively trying to communicate with a threat actor’s website”, and after identifying the source, the team took the proactive measure of pausing all communication within that zone.
This, he stressed, was not “pulling the plug”. Co-op’s systems “are heavily segregated, which means this was very much focused on one specific zone”. He told the committee: “Throughout this, all our online business continued to operate normally, and our retail stores and payments are segmented, so they were not part of this attack.”
Which plug do you pull?
Whether Co-op truly pulled the plug is open to interpretation. But in the wake of recent rulings on ransomware payments, the option to take immediate action may lead to more pragmatic decisions.
Ev Kontsevoy, CEO of Teleport, says that while pulling the plug might be an effective short-term tactic, “it’s a sledgehammer approach, not a strategy”, adding: “Taking systems offline might stop lateral movement or data exfiltration in the moment, but it doesn’t solve the root problem: how attackers got in, how long they were there and what they accessed. It also causes unnecessary business disruption, which is one of the more tangible impacts of cyber attacks these days. We should not be encouraging even more disruption by taking systems offline.”
Tim Rawlins, director and senior adviser at NCC Group, tells Computer Weekly that it is not as straightforward as simply “pulling a plug”. The critical question, he says, is which plug – one connected to the outside world, or one on the internal network?
“When people talk about pulling out the plug, we don’t want them to turn off systems completely, because then we lose all the volatile forensic evidence – the data in memory. If you pull the plug in the classic ‘turn it off, turn it back on again’ sense, that’s what we lose,” he says.
Instead, Rawlins advises proper network segmentation: “You’re trying to make it harder to get from this segment to that segment. It’s either entirely physically separated, or it’s got firewalls with additional role-based access control.”
Segmenting a network, he adds, is best practice regardless. In the event of an attack, it makes lateral movement more difficult. “If you can pull the network plug, not the power plug, then you can reduce the chances of it spreading off one host onto multiple hosts – and really that is where ‘pulling the plug’ comes in,” Rawlins says.
“There is an element of shutting down things you believe haven’t been compromised. If you can see the route they came in, you can get ahead of that and stop access to it. But you need to make sure it fails gracefully. If you just turn a system off – literally pull the plug – a lot of systems will crash.
“You can instead shut them down so they are dormant and not available to be attacked – that’s what a lot of organisations will do. The shorthand is to pull the plug; the longhand is that you’ve got to think about it a bit more carefully.”
Context matters
The issue is not simply whether to pull the plug, but what the situation demands. In a LinkedIn poll this reporter ran on this subject, 55% of respondents said pulling the plug was the best way to stop an attack in its tracks. However, comments on the poll made it clear that it’s not so binary. One respondent said it was “drastic, last resort stuff”. Others stressed the need to consider “architecture, segmentation, critical servers, type of incident and many more data points” before acting.
Tim Anderson, chief customer officer for the UK at CyberCX, explains that while taking servers offline is a common and often effective step, it is not straightforward and can introduce new risks.
“It’s important to target the right systems,” he says. “Given how interconnected modern computer systems are – both internally and to the internet – switching everything off can be complex, time-consuming and disruptive.
“Where possible, our digital forensics and incident responders prefer ‘surgical’ network isolations of specific systems or portions of the network. This effectively disconnects the impacted systems from the internet, rather than pulling the power. It can contain the attack and allow investigators crucial time to understand the scale and impact.”
Pulling the plug, he acknowledges, can sometimes be effective, but it’s not preferred. It can be highly disruptive, and sophisticated attackers often deploy methods of regaining access once systems come back online.
Admission of failure?
Another angle is perception. If you do pull the plug, are you effectively admitting failure? Rafal Los, podcast host and head of services GTM at ExtraHop, suggests yes. “That’s one of the few things I’d fire a CISO for – you’re having a security issue and you have to shut down business? You’re fired,” he says.
Los cites the 2003 SQL Slammer worm as an example of when networks collapsed entirely, leaving shutdown as the only option. But a mere 18 months later, he says, better practices allowed for more surgical interventions, like shutting down specific network segments or ports.
“In 2025, this cannot be a working strategy,” Los argues. “If the answer is ‘shut it all down’, then you’ve got what you perceive to be an uncontrollable bleed in one of your fingers, and your answer is to lop it off.”
He points out that micro-segmentation and zero trust have been discussed for years. If the playbook still ends with pulling the power cable, that signals you’ve lost visibility and control. “At that point, that is every cyber security expert’s absolute worst nightmare,” he says. “I can’t imagine giving the advice to somebody to just shut it down. That sounds, dare I say it, just irresponsible.”
The precedent
Despite these warnings, there are high-profile examples of shutdowns. According to Newsweek, a 2012 cyber attack on Saudi Aramco saw the Shamoon virus delete hard drives, forcing the company to destroy more than 30,000 computers.
Similarly, the 2021 attack on Colonial Pipeline led to several systems being taken offline to contain the breach. That move temporarily halted pipeline operations and disrupted multiple IT systems.
Los acknowledges there are extreme cases where shutting down everything is the only option. But, he said, if that’s the only solution on the table, it reflects being “wholly unprepared as an organisation”.
Rawlins agreed that cutting internet access mid-attack can sometimes make sense, as it deprives attackers of their command-and-control node. But the wider consequences – what else depends on that connectivity – must be weighed.
Final thoughts
Fictional depictions of cyber security often portray pulling the plug as the dramatic solution. But in reality, it’s rarely the final or best option. More often, it reflects poor network architecture or insufficient segmentation.
The true solution lies in preparedness: segmentation, playbooks and rehearsed incident response plans. In cyber security, switching it off and on again may work for some problems – but when it comes to an active attack, it’s rarely the best option.
Tech giants Meta and TikTok said Tuesday they will obey Australia’s under-16 social media ban but warned the landmark laws could prove difficult to enforce.
Australia will from December 10 force social media platforms such as Facebook, Instagram and TikTok to remove users under the age of 16.
There is keen interest in whether Australia’s sweeping restrictions can work, as regulators around the globe wrestle with the dangers of social media.
Both TikTok and Meta—the parent company of Facebook and Instagram—said the ban would be hard to police, but agreed they would abide by it.
“Put simply, TikTok will comply with the law and meet our legislative obligations,” the firm’s Australia policy lead Ella Woods-Joyce told a Senate hearing on Tuesday.
On paper, the ban is one of the strictest in the world.
But with just over a month until it comes into effect, Australia is scrambling to fill in key questions around enforcement and firms’ obligations.
TikTok warned the “blunt” age ban could have a raft of unintended consequences.
“Experts believe a ban will push younger people into darker corners of the Internet where protections don’t exist,” said Woods-Joyce.
‘Vague’ and ‘rushed’
Meta policy director Mia Garlick said the firm was still solving “numerous challenges”.
It would work to remove hundreds of thousands of users under 16 by the December 10 deadline, she told the hearing.
But identifying and removing those accounts still posed “significant new engineering and age assurance challenges,” she said.
“The goal from our perspective, being compliance with the law, would be to remove those under 16.”
Officials have previously said social media companies will not be required to verify the ages of all users—but must take “reasonable steps” to detect and deactivate underage ones.
Companies found to be flouting the laws face fines of up to Aus$49.5 million (US$32 million).
Tech companies have been united in their criticisms of Australia’s ban, which has been described as “vague,” “problematic,” and “rushed.”
Video streaming site YouTube—which falls under the ban—said this month that Australia’s efforts were well intentioned but poorly thought through.
“The legislation will not only be extremely difficult to enforce, it also does not fulfill its promise of making kids safer online,” local spokeswoman Rachel Lord said.
Australia’s online watchdog recently suggested that messaging service WhatsApp, streaming platform Twitch and gaming site Roblox could also be covered by the ban.
© 2025 AFP
Citation:
Meta and TikTok to obey Australia under-16 social media ban (2025, October 28)
retrieved 28 October 2025
from https://techxplore.com/news/2025-10-meta-tiktok-obey-australia-social.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.
Renewable energy is often pitched as cheaper to produce than fossil fuel energy. To quantify whether this is true, we have been studying the financial impact of expanding wind energy in the UK. Our results are surprising.
From 2010 to 2023, wind power delivered a benefit of £147.5 billion—£14.2 billion from lower electricity prices and £133.3 billion from reduced natural gas prices. If we offset the £43.2 billion in wind energy subsidies, UK consumers saved £104.3 billion compared with what their energy bills would have been without investment in wind generation.
UK wind energy production has transformed over the past 15 years. In 2010, more than 75% of electricity was generated from fossil fuels. By 2025, coal has ceased and wind is the largest source of power at 30%—more than natural gas at 26%.
This massive expansion of UK offshore wind is partly due to UK government subsidies. The Contracts for Difference scheme provides a guaranteed price for electricity generated, so when the price drops below this level, electricity producers still get the same amount of money.
The expansion is also partly due to how well UK conditions suit offshore wind. The North Sea provides both ample winds and relatively shallow waters that make installation more accessible.
The positive contribution of wind power to reducing the UK’s carbon footprint is well known. According to Christopher Vogel, a professor of engineering who specializes in offshore renewables at the University of Oxford, wind turbines in the UK recoup the energy used in their manufacture, transport and installation within 12-to-24 months, and they can generate electricity for 20-to-25 years. The financial benefits of wind power have largely been overlooked though, until now.
Our study explores the economics of wind in the energy system. We take a long-term modeling approach and consider what would happen if the UK had continued to invest in gas instead of wind generation. In this scenario, the result is a significant increased demand for gas and therefore higher prices. Unlike previous short-term modeling studies, this approach highlights the longer-term financial benefit that wind has delivered to the UK consumer.
Central to this study is the assumption that without the additional wind energy, the UK would have needed new gas capacity. This alternative scenario of gas rather than wind generation in Europe implies an annual, ongoing increase in UK demand for gas larger than the reduction in Russian pipeline gas that caused the energy crisis of 2022.
Given the significant increase in the cost of natural gas, we calculate the UK would have paid an extra £133.3 billion for energy between 2010 and 2023.
There was also a direct financial benefit from wind generation in lower electricity prices—about £14.2 billion. This combined saving is far larger than the total wind subsidies in that period of £43.2 billion, amounting to a net benefit to UK consumers of £104.3 billion.
Wind power is a public good
Wind generators reduce market prices, creating value for others while limiting their own profitability. This is the mirror image of industries with negative environmental consequences, such as tobacco and sugar, where the industry does not pay for the increased associated health care costs.
This means that the profitability of wind generators is a flawed measure of the financial value of the sector to the UK. The payments via the UK government are not subsidies creating an industry with excess profits, or one creating a financial drain. They are investments facilitating cheaper energy for UK consumers.
Wind power should be viewed as a public good—like roads or schools—where government support leads to national gains. The current funding model makes electricity users bear the cost while gas users benefit. This huge subsidy to gas consumers raises fairness concerns.
Wind investment has significantly lowered fossil fuel prices, underscoring the need for a strategic, equitable energy policy that aligns with long-term national interests. Reframing UK government support as a high-return national investment rather than a subsidy would be more accurate and effective.
Sustainability, security and affordability do not need to be in conflict. Wind energy is essential for energy security and climate goals—plus it makes over £100 billion of financial sense.
This article is republished from The Conversation under a Creative Commons license. Read the original article.
Citation:
Wind power has saved UK consumers more than £100 billion since 2010—new study (2025, October 28)
retrieved 28 October 2025
from https://techxplore.com/news/2025-10-power-uk-consumers-billion.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.
For over a decade, computer scientist Randy Goebel and his colleagues in Japan have been using a tried-and-true method from his field to advance artificial intelligence in the world of law: a yearly competition.
Drawing on example legal cases taken from the Japanese bar exam, contestants must use an AI system that can retrieve statutes relevant to the cases, and, more crucially, make a decision: did the defendants in the cases break the law, or not?
It’s this yes/no answer that AI struggles with the most, says Goebel—and it raises questions of whether AI systems can be ethically and effectively deployed by lawyers, judges and other legal professionals who face giant dockets and narrow time windows to deliver justice.
The contest has provided the foundation for a new paper in which Goebel and his co-authors outline the types of reasoning AI must use to “think” like lawyers and judges, and describe a framework for imbuing large language models (LLMs) with legal reasoning.
The paper is published in the journal Computer Law & Security Review.
“The mandate is to understand legal reasoning, but the passion and the value to society is to improve judicial decision-making,” Goebel says.
The need for these kinds of tools has been especially critical since the Supreme Court of Canada’s Jordan decision, Goebel says. That decision shortened the length of time prosecutors have to bring a case to trial, and it has resulted in cases as severe as sexual assault and fraud being thrown out of court.
“It’s a very good motivation to say, ‘Let’s enable the judicial system to be faster, more effective and more efficient,'” Goebel says.
Making machines ‘think’ like lawyers
The paper highlights three types of reasoning AI tools must possess to think like legal professionals: case-based, rule-based and abductive reasoning.
Some AI systems, such as LLMs, have proven adept at case-based reasoning, which requires legal experts to examine previous court cases and determine how laws were applied in the past to draw parallels to the current case in question.
Rule-based reasoning, which involves applying written laws to unique legal cases, can also be completed to some extent by AI tools.
But where AI tools struggle the most is with abductive reasoning, a type of logical inference that involves stringing together a plausible series of events that could explain, for example, why a defendant is not guilty of a crime. (Did the man with the knife in his hand stab the victim? Or did a gust of wind blow the knife into his hand?)
“Not surprisingly, abductive reasoning can’t be done by modern large language models, because they don’t reason,” Goebel says. “They’re like your friend who has read every page of Encyclopedia Britannica, who has an opinion on everything but knows nothing about how the logic fits together.”
Combined with their tendency to “hallucinate,” or invent “facts” wholesale, generic LLMs applied to the legal field are at best unreliable and, at worst, potentially career-ending for lawyers.
The important challenge for AI scientists is whether they can develop a reasoning framework that works in conjunction with generic LLMs to focus on accuracy and contextual relevance in legal reasoning, Goebel says.
No one-size-fits-all AI tool
When will we have AI tools that can cut the work of lawyers and judges in half? Perhaps not any time soon.
Goebel says a key takeaway from the competition, and one that is also outlined in the paper, is that using computer programs to aid legal decision-making is relatively new, and there is still a lot of work to be done.
Goebel foresees many separate AI tools employed for different types of legal tasks, rather than a single “godlike” LLM.
Claims made by some in the AI industry that humanity is on the cusp of creating an AI tool that can render “perfect” judicial decisions and legal arguments are absurd, Goebel says.
“Every judge I’ve spoken to has acknowledged there is no such thing as perfect judgment,” he says. “The question is really, ‘How do we determine whether the current technologies provide more value than harm?'”
More information:
Ha Thanh Nguyen et al, LLMs for legal reasoning: A unified framework and future perspectives, Computer Law & Security Review (2025). DOI: 10.1016/j.clsr.2025.106165
Citation:
Is AI ready for the courtroom? New framework tackles the technology’s biggest weaknesses (2025, October 28)
retrieved 28 October 2025
from https://techxplore.com/news/2025-10-ai-ready-courtroom-framework-tackles.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.
AI to take centre stage at Global Sourcing Expo 2025 seminar
Meta and TikTok to obey Australia under-16 social media ban
‘Leech’ Prince Andrew gets exposed as people expose his multi-year freeloading
-
Fashion1 week agoChinese woman charged over gold theft at Paris Natural History Museum
-
Tech7 days agoThis Smart Warming Mug Is Marked Down by $60
-
Fashion1 week agoeBay UK seller fee removal sends revenue down but profits rise
-
Entertainment1 week agoJohn Grisham unveils his first-ever mystery, “The Widow”
-
Tech1 week agoEaster Island’s Moai Statues May Have Walked to Where They Now Stand
-
Tech1 week agoOpenAI has slipped shopping into ChatGPT users’ chats—here’s why that matters
-
Fashion1 week agoNew EU strategy proposed to shape global clean, resilient transition
-
Business1 week agoDhanteras Engine Fires Up Auto Market: Over 1 lakh Cars Delivered In 24 Hours