Insurer Hiscox shows what a cyber attack really looks like by ‘hacking’ a Brompton bike store in Shoreditch

The Background

A recent live activation for insurance provider Hiscox saw staff of the bike manufacturer Brompton get an unpleasant surprise at their store when they arrived to find it had been 'hacked'.

A fake shop, called ‘3rompton Junction’, opened opposite the real Brompton in Shoreditch with lookalike employees and counterfeit merchandise. The clone then launched a series of cyber attack simulations, such as boarding up the genuine store and posting a ransom note asking for Bitcoin in exchange for re-entry and diverting stock deliveries to the duplicate location. The stunt was the latest effort by Hiscox to help small businesses understand the risk of cybercrime.

Hiscox have highlighted this before in their poster campaign, where every pulsing dot on the poster represented a live attack.

And with their experiment to show an AI synthesised ad that replicated its brand voice, illustrating their global knowledge of cyber crime and how to protect against it with their products.

What they did

Members of the public watched in astonishment and bemusement recently as staff at a retailer of the iconic bike manufacturer Brompton arrived to discover their store had been ‘hacked’ by a group of what appear at first glance to be doppelgangers.

The Insurer targeted the bike manufacturer’s retailer network with a staged ‘offline’ cyber attack simulation, to raise awareness of cyber crime and how it feels to be hacked. The imitation store appears overnight containing knock-off counterfeit stock and staff “twins”. 

The supporting fly-on-the-wall film, shows the reactions captured as staff of the original store watch a series of real-world hacks unfold in front of their eyes.

The Big Idea

Common hacking techniques such as ransomware and phishing were brought to life through a series of simulated offline attacks; the real store was boarded up, displaying a ransom note demanding Bitcoin in exchange for re-entry; genuine stock deliveries were diverted to the fake ‘3rompton’ store, highlighting the potential effects of a phishing scam; finally the real Brompton store was flooded with imitation customers overwhelming staff, simulating a denial-of-service (DDoS) attack.

According to the insurer, one in three UK small businesses have suffered a cyber breach and this simulation is the latest initiative in its cyber awareness campaign, set up to highlight this risk.

Robert Hannigan, former director of GCHQ and special advisor to Hiscox, said, “Cyber crime is one of the biggest security risks facing businesses today, but many aren’t taking it seriously and many more are underprepared. It’s a less tangible risk than burglary or a fire which can make it hard for businesses to grasp, so bringing cyber crime to life with an exercise like this is a useful way of conveying an important message.

“The hacking techniques being simulated such as ransomware and phishing are extremely commonplace and have been for many years.  At the same time, new types of cyber crime continue to emerge, which makes staying on top of cyber security an ever-evolving challenge.”