LPRC - CrimeScience – The Weekly Review – Episode 117 with Dr. Read Hayes, Tom Meehan & Tony D’Onofrio
Episode Date: August 26, 2022The LPRC IMPACT Agenda and Conference Steaming Ahead! A Possible Shrink in E-Commerce Growth! In this week’s episode, our co-hosts discuss the increase in foot traffic in Oxford Street UK, Dr. Fauci... stepping down from role, a discussion on inventory challenges from Q2, a look into cyber ransomware against first responders, and a look at the midterm elections potential threats. Listen in to stay updated on hot topics in the industry and more! The post CrimeScience – The Weekly Review – Episode 117 with Dr. Read Hayes, Tom Meehan & Tony D’Onofrio appeared first on Loss Prevention Research Council.
Transcript
Discussion (0)
Hi, everyone, and welcome to Crime Science. In this podcast, we explore the science of
crime and the practical application of this science for loss prevention and asset protection
practitioners as well as other professionals. Welcome, everybody, to another episode of
Crime Science, the podcast. This is the latest in our weekly update series and joined as
always by our co-presenters, Tom Meehan and Tony D'Onofrio and our producer, Diego Rodriguez.
And we're going to come go ahead and go through little bits of information, updates, insights.
And what I'll do is, you know, I think all of us are a little beyond fatigued about COVID-19
and SARS-CoV-2. But it continues. Lately, we've been running, it looks like,
about 93,000 reported infections weekly, new incremental, comparatively to last year,
which is around 150,000. So, you know, it seems to have crossed that point now for the last few
weeks where 22 is below 21, which is a reversal where it was the opposite
direction. At the same time, what their deaths attributed to COVID-19 infections are down
less than half in some figures, about half in others, too, compared to this time last year.
So just getting an idea that still a lot of
people infected. I know people personally that have been infected recently, and I'm sure many,
many, many of you all do. So, we know it's still a situation. We're seeing a lot now,
whether there's new research, it looks like, on top of older research, but a lot of discussion in literature and media around long COVID or
persistent COVID and how damaging is it to dementia, to psychological functioning, to
depression, to physical ailments, chronic fatigue, and things like that. And these things are
difficult, it looks like, to diagnose and attribute and things. And we've talked about on this podcast,
false attribution error, where any or all of us are prone to assigning blame to one or more
causes when we really don't know, uh, whatever it is in politics and crime and family matters,
whatever it is, and the same thing with disease. So it's's very difficult because we're all so complicated and what we're
exposed to is as well. So, but there are three, there are probably many hypotheses about why some
people, as many as one in five, there are at least three studies I found that indicate at least one
in five individuals infected with the COVID-19 will experience some or all types of long COVID symptoms,
be affected longer than the acute infection phase. And again, we see that some infections,
as many as 55%, do not even experience or realize they've got symptoms. And any or all of us could
fit into that category as well. But some of
the three hypotheses or three of them, one is that there's cellular damage to the blood flow and that
results in fatigue. We're not as efficient or capable, whether and how long this will persist
or is this lifetime and maybe it's all the above depending on the individual, but they're just less able to handle satisfactory
blood flow to every single part of our bodies in the same way as we might have before being
infected with COVID-19 disease. So, the other one is post-acute persistence that they just don't
know why, but it looks like while the body does a good job, our different
immune systems handling the infection, even clearing that not as, but we don't completely
clear some people, the infection, or maybe some pockets within our body at some microscopic level
that harbor the virus, some of the deleterious effects. So, the third one is that, again, and we heard this
a lot with a lot of the deaths early on with COVID-19 going back to 2020, particularly where
our immune system may have gone awry, overreacted, was altered, something just went horribly wrong
or partially wrong, and so that may or may not resolve over time. And so, those are three of
the reasons that we might be seeing that. There seems to be, while it may occur for some longer
term than the acute infection phase, maybe even years, again, we don't know how long it's been
around, but probably no more than two and a half years, something like that. So will this be the same for many of us or any of us that have long COVID, if you will, beyond that mark?
Is this going to go on for months and years beyond that?
So we'll have to see. Those that were vaccinated, fully vaccinated, seem to have a lower rate, but not much lower rate of long COVID if they did get infection.
So we know that the treatments are many they're trying to look at, but it's difficult if they
don't know what's causing it. Clearly, just like what we do in crime prevention, we need to
understand the causal elements of the situation and how they're interrelated and affect each other.
And that's what we're going to aim at to do something about it. So that's what's going on
with disease the same way. So looking over at the treatments, that's where they're working. We see
that there are dozens, if not hundreds, it looks like of treatments, research going on both pre
and clinical and clinical. Going over to vaccinated,
we know that, again, the United States sort of stabilized about 200, just over 260 million
Americans have been vaccinated, a quarter of a billion, and just over 5.3 billion humans have
been vaccinated globally. And vaccination continues. We see in other news
that Dr. Fauci at the Infectious Disease Centers under the overall NIH is retiring in December
with 50 years of service, you know, probably served us well in many ways over the last half a century,
and then in other ways probably struggled.
But I think partially could be personality like all of us, partially because the science
is tough.
It's really tough with these viruses and other infectious diseases to fully understand.
And you're getting input and insights from a whole lot of people and trying to make the
call like we all do with all the inputs we have.
But at the end of the day, it will be interesting to see who replaces that role, who fulfills that role, how prominent or preeminent are they and how they help us shape prevention.
And in this case, what we've gone through together globally, our response to something like a pandemic or even an epidemic at a smaller scale.
So very interesting. The clinical human trial, human clinical trials continue with vaccinations, vaccines.
52 in phase one, exploratory dosing, looking for harm, those components, as well as maybe is there some effectiveness, the larger scale phase two trials, 46 vaccine candidates at that
level now, and 52, just over 50 in phase three, large scale, randomized, double blind, where both
the administrator of either the placebo or the
actual vaccine doesn't know which the patient's getting. And of course, the patient doesn't know
what they're getting. That's a double-blind study, right? So, we don't typically carry those off in
criminology because those of us who are conducting an experiment, you know, know who's getting what.
It's much more difficult for us to do a double blind. But in medical studies,
it's easier, obviously, with a pill or with an injectable or something like that. It's tougher
when they do surgical procedure randomized controlled trials because normally the physician
certainly knows what procedure they're implementing there. The patient may or may not.
Hopefully not. So, all right. So, moving on, we'll talk a little bit about impact
coming up again, 3rd through the 5th of October. We continue to get amazing enrollment, amazing
level of sponsorship and engagement by our solution partners. And so, we are continuing to
move at pace with the content development. I was just talking with Diego. We're going to get
out a little more in-depth description of the sessions that you'll find at Impact to give you
an idea of the breadth and scale, the depth of what we'll be looking at, and of course,
looking at the scientific role behind that, what type of research resulted in the session that we're
going to be talking about, the content. But you're going to see quite a bit, obviously,
around theft, whether it's opportunistic or systematic by, say, ORC boosters, for example,
or commercial burglars. We're going to see content around aggression and violence, both by
those that we would call homeless and the harm
that can be created by aggressive street behavior. We're going to be looking, of course, at active
assailant, early threat detection, and better understanding and breaking that down, and ways to,
and tools that might be available, and with body-worn cameras, looking at how those sensors
might help civilize behavior by the wearer and those that are on the other side of the camera.
There's been some good research on law enforcement.
Normally, the studies show that it does work.
Sometimes the effects don't last forever.
There's waning, as we would expect, which means always like what we do in loss prevention and asset protection, we need to continue to keep it fresh, keep changing a little bit to maintain the positive effects that we're looking for out of anything that we do, any treatment.
So you'll see sessions on fraud as well.
Supply chain protection is going to be some really neat content in that area and some of the innovation.
You're going to see some top tech leaders engaged this year at Impact.
And so stay tuned for that. We're using the labs for increasingly interesting and I think cutting
edge research. A major, major tech company, we're getting ready to engage right now and helping them
develop some cutting edge, I think, breakthrough AI models because
the complexity of what they'll be working on and how we're going to simulate that in the
LPRC engagement lab. So we look forward to seeing everybody there. There's probably not a lot of
places that have this kind of content, this much content, the content that comes from research and so on. And then you combine that with these
lab tours and working in these world-class labs that we've got. I think everybody's gonna be
blown away with where we are with our labs at this point and where we'll be really over the next 60
days as more technology is deployed. Many of our tech people are refreshing their technology right now. They're doing more
with integrating that technology. Yesterday, I spent all day literally moving across the
University of Florida campus, having meetings with different UF senior leaders in research,
in engineering, in cybersecurity, and so on. And by the way, the last time it had been to FICS, which is the
University of Florida's Florida Institute for Cybersecurity, they had five faculty. They had
a couple of grad students, maybe five or six grad students, and they took up almost the floor of
this building. Now that I've gone back, I think it's been three years, they have 178 researchers.
They've taken over the entire building, and they've got
three figures in PhD students alone. So the faculty's grown. The research level is in the
millions now from Department of Homeland Security, from the intelligence community, from the
Department of Justice, from the National Science Foundation, or or NSF and other funding sources. So
it's a pretty robust group. It's amazing. And Kevin Butler, Dr. Butler, a professor,
he's worked with the LPRC off and on over the years. He's now the director of that entire
center. So very impressive. So moving on, I'm going to go ahead and get ready to turn it over
today. I'll turn it over to Tom Meehan first, and then Tom over to Tony D'Onofrio, who is
sending his content in for this podcast, but he's traveling the world throughout Europe right now
as we speak. So if I might, Tom, let me turn it over to you. Well, thank you, Reed, and certainly
really excited to join you at Impact, my favorite conference.
And I've had a chance to look at the content, and it's really exciting.
So for those of you listeners that haven't registered, register.
There's still time left, and you won't be sorry.
So I wanted to just kind of talk about a couple different things.
One, by the time you're listening to this, a lot of folks, certainly in the southern portion of the country, your kids are already back in school. So just a reminder of as children are
attending school, if they're using personal computers at home, some just quick tips that
you can do to protect yourself. I talk about this often, and I stress how important it is to make
sure that on your computers, your phones, or any devices that you're applying security updates properly when they're available.
I think there are still stories about, hey, the update broke my device, but the latter of the stories of people having really significant incidents, cyber instances when they don't update, is definitely the worst of the two. And today, more than ever with social media, with
podcasts like this, vulnerabilities and exploits are communicated in real time. So nefarious actors
sometimes just listening to a podcast like this one, find out about something and go ahead and
take advantage of it. Another thing is if you don't have security software on your computer,
take a look at that modern versions of windows.
Do you have really great built-in software to protect,
but generally if you have children of any age on a device,
there's a benefit to going out and buying a security software.
I often say nothing is free.
Keep in mind that there are a lot of free options out there, but make sure you're reading the terms of services and understanding
why it's free, what data you're giving up for that free software, and what is the difference
between the free and paid versions. A lot of these security software packages are dollars a month,
generally below five dollars a month, sometimes as low as $1 or $2 a month.
And it adds a whole different layer of security and information. The other thing to talk about
with your children is to make sure that there is some sort of backup routine in place,
that if there is an event, that you have a way to manage that. And then I think last but certainly not least on your personal computers is look at a password management tool.
I think we're all educated now today about how you don't want to share passwords between accounts,
but that becomes cumbersome when you have very complex passwords that change all the time.
There are a few password management tools out there that are really good. In addition to Chrome, Firefox, Safari, Microsoft
Edge all have built-in password managers. The encryption that stands behind these password
managers are usually better than bank-grade encryption. So the reality is they're much safer than sharing passwords
or using rudimentary passwords.
So just a couple of tips as children go back.
And as I always say, do not mix a work and a personal computer together.
So if you have your work computer, regardless of what security measures are taken,
it does not make sense to allow your children to use your work computer.
Most companies will have policies around that, but sometimes you're out and about and you have your laptop with you and your child needs to look something up or do something, resist that urge.
That's where I would recommend using the mobile device.
So just in the news of camera vulnerabilities, Hikvision cameras, there was an article that was just posted in Bleeping Computer. I think it was actually yesterday. This is not new news,
but just kind of an update. There was a fairly significant X point at the beginning of the year
that was identified, which allowed several
hundred thousand cameras, Hikvision cameras, to be accessible through this flaw or vulnerability.
As of today, we're still seeing upwards of 80,000 devices available free and clear to
access.
clear to access. So back in February, there was a sample dump of about 285,000 internet-facing web servers. And still to this date, about 80,000 are still vulnerable with that exploit.
And when we talk about patching and updating, this is one of the things we continuously
talk about here on the podcast is the importance of it, both from a personal and from a professional standpoint. If you're
using Hikvision cameras today and you haven't made sure that you have the latest
patches and updates, you are susceptible to someone actually gaining access to your network
and the video. And today, just to kind of give some numbers here in the United States, there's still roughly
11,000 cameras that are accessible.
And then when you look at the data that was available, this was all in Russian language,
so some of it had to be translated.
There's about 12,000 in China, 7,000 in Vietnam, and 5,000 or so in the UK. And then it goes down from there.
But to think of in the United States, there's still roughly 11,000 cameras that are accessible
in the wild. So certainly something, if you're listening to this podcast and you use Hikvision,
and I know I was with some folks in the past couple of months that still do use Hikvision,
make sure that you're getting with your IT teams if you don't manage that yourself and actually going out and making sure that they're updated.
The U.S. government, so this is not a new phenomenon, but rather a more newish, if you will, has issued a $10 million bounty or reward on the ransomware group Conte that did this once before without
success. But this is something that, again, we talk about a lot on the podcast here of how the
United States government and how a lot of developed governments are taking a different approach to
kind of counteract some of these very horrific gangs, cyber gangs that are responsible for thousands and thousands of ransomware and cyber instances.
Conti has been probably the most recognized gang of cyber criminals in the last 18 months.
There isn't a lot known about the group. Their pictures are silhouettes of individuals.
And there was a little bit of a fallout.
The Russian group, not Russian government-backed, just in Russia,
there was a little bit of fallout in the beginning of the year
when the war in the Ukraine happened
because there were some Ukrainian folks involved that did leak information about this group, but not enough to lead it to capture of any individuals. So $10 million is out there for information leading to the capture of rewards. And I think they're going to be substantially higher than $10 million
as we continue down this path. This group, it's not directly known how, what the damage that this
group has done, but we do know that there are thousands of instances reported. And they are a
group that targets first responders, 911, and municipalities. So some of the numbers were
in last year, 250 911 call centers were attacked by this breach. But not this breach, I apologize,
this ransomware. And this is a group that is targeting that disruptive methodology of 911 ambulances and healthcare first responders
primarily. So I think we'll continue to see ransomwares like that, and I think we'll continue
to see kind of the growth in that sector. I think switching gears a tiny bit, there has been a tremendous amount of chatter around midterm elections and upcoming elections and civil unrest.
I use the word chatter intentionally because with such an emotionally charged comment, some emotionally charged type of thing here, like the political landscape,
But I'm mostly charged a type of thing here, like the political landscape. Some of it is just chatter where folks are going out and spoke to have kind of predicted some level of civil unrest in major metropolitan cities as we continue to get closer to the midterm piece and even further along towards the actual election.
So you're thinking potentially two years of civil unrest in some fashion.
It is a little bit different here because you don't normally have this level of an intelligence conversation,
both domestically and globally, identifying that this will occur.
So what you're starting to hear when you're talking to folks in this space is not,
it might be a challenge. This is what could occur. This will occur in major metropolitan cities.
With that being said, there's no indication of how violent that would be,
if violent at all, but it's certainly something to manage and to watch here. I know that the
Laws Prevention Research Council has the FusionNet and will continue to monitor
and activate the FusionNet as needed. And I think that for the listeners that don't know
what the FusionNet is, it is basically a tool for loss prevention research council members to use during an event.
It doesn't just need to be civil disturbance, but a major event where we'd activate this and actually have calls as well as a platform to communicate and validate intelligence in real time.
or in real time.
So sharing news, sharing actual posts,
real videos of occurrence,
and then back and forth,
a collaborative environment to actually identify is something actually happening?
Because one of the biggest challenges
with these events is it is happening in real time
and how do you validate it?
And then just last, I'll wrap up with,
because we're talking about active intelligence
and social media monitoring and the fusion net,
there has been more and more reports.
Elon Musk has filed to get more information on Twitter
and the number of fake accounts and misinformation out there.
And it kind of leads me to remind
why something like the fusion net is so important
is that there is a tremendous amount of misinformation.
While social media is a fantastic tool
for us to gather intelligence
and find out what is occurring,
it also, because of its openness
and because of the way it works,
allows bad actors to create fake accounts,
actually change narratives and really push in a direction
to try to curve a story.
And my example always is you can actually see a video of an incident from three different
people, and the narrative will be dramatically different just by cutting a video by five
to 10 seconds.
dramatically different just by cutting a video by five to ten seconds. So when you are using social media to monitor, I can't express how important it is to make sure that there is some
level of validation. And that is actually what the FusionNet was for, is how do we share information
and validate. And with that, I will turn it back. Thank you, Reid. Let me start this week with some
analysis from Retail Dive on what happened in the second quarter for retail in the U.S., especially on topics such as inflation and inventory.
is a potential signs of growth and consumer recovery on the horizon, retailers are still grappling with operational hits that are reverberating from the ongoing pandemic. That is happening
alongside a consumer base that is dealing with inflation by changing its shopping behaviors.
Meanwhile, many retailers are cutting guidance as demand for non-essential goods erodes in some categories.
This quarter, targets of operating income fall 87% year-on-year as gross margins drop
as markdowns increase and costs increase for merchandise shrink and freight.
And keyword there for a lot of this audience is also shrink.
The company said it will be taking markdown and canceling orders, a short-term pain in order to prepare for the last part of the year.
While Walmart performed better than anticipated in Q2,
operating income in the U.S. business fell 6.7%
to the lower operating profits and margins on markdowns.
So here are some direct quotes on inventory that were published in the retail dive on what happened in the quarter with inventory and inflation.
From the CEO of Walmart, quote,
Starting back in March, we knew we needed to act quickly and aggressively in some categories, and we have.
We have made good progress to reduce inventory levels where we focused and taken markdowns.
The aggressive approach we took to move through the apparel in particular put financial pressure on us, but it helped relieve pressure on our stores and through the supply chain.
From the CEO of Target, quote,
Consider the alternative.
We could have held on to excess inventory and attempted to do this slowly over multiple quarters or even years.
While that might have reduced the near-term financial impact, it would have helped back our business over time. Of course, this decision would have driven
incremental costs to store and manage the excess inventory of our longer
period. Much more importantly though, it would have degraded the guest experience.
It would have cluttered our sales force and hampered our ability to present new, fresh, and fashionable items,
the ones that our guests expect. From the Executive Vice President of Merchandising for Home Depot,
quote, we are still having to pull inventory forward. I think if you think about today's
supply chain environment, our focus is to be there for our customers,
to be there for our pros in terms of the right job, lock quantities, and the right timing of events and other activities. So part of the inventory overage is obviously due to the work
in terms of being there for our customers. We have some carryover inventory from the spring season,
but it is really low-risk inventory that we've been managing through and ensuring that we're ready for the next season.
But overall, we feel good about our stock position.
We're managing the inflation of our environment and inventory and will be there for our customers in terms of in-stock.
of in stock. From the CEO of CJMX, quote, we are in a terrific inventory position and we have plenty of open to buy to take advantage of the current environment. This allows us to offer even more
exciting merchandise and value to our shoppers, which is our top priority. When it comes to
inflation, this is what some of the direct quotes from the retailer were in terms of Q2.
From the CEO of Target, quote, while pressure from access inventory has presented the biggest challenge for our team this year,
dealing with higher costs and the volatility in the external supply chain has come a close second.
in the external supply chain has come a close second.
And today, while conditions remain far from what they would have considered normal in the years before the pandemic, there are early signs that both costs
and volatility may have peaked.
From the CFO of Macy's, here's their quote.
When you think about freight and delivery, fuel costs are currently
trending down, but they remain elevated to what we saw earlier in the year. So those are some
really, really interesting perspectives in terms of what's happening in retail in Q2,
and especially with inventory and inflation, which are two hot topics. And they'll project really forward in terms of what we do expect in Q3.
And in my view, targeted the right thing in terms of the inventory.
And so I do think we'll get back on track, but it will be a challenging rest of the year
as flagged by some of the earnings statements from the different companies.
of the earnings statements from the different companies. Switching topics from Statista, interesting news that global e-commerce revenue growth is shrinking for the first time. In what
would be the first ever, e-commerce revenues are forecast to shrink worldwide year on year in 2022.
As quoted in the analysis that was written up in Statista, from Frenchy to fall,
is e-commerce back to normal? This has always been in perspective and many industry groups contest
the comparison of today's growth figures to the pre-COVID-19 data. Nevertheless,
the market is now compelled to tackle substantial questions about how to go forward, even if there is a lot of headwind for the moment.
We still believe online sales will eventually increase and revenue growth will get back on track.
Having spent time actually with some retailers while sitting here in Europe, I can tell you that they're still bullish
in terms of where e-commerce goes next. And as statistics continue, still the expected
net worth growth is to be taken in context of the previous forecast for 2022, which I projected
$481 billion more revenue by the end of the year. Supply chain issue is the largest single weakening factor
with inflation also playing a significant part in the downward revision. The widely expected
global recession and subsequent increase in unemployment leave e-commerce sector significant
hurdles to overcome before we can get back on track.
And finally, as I said, I am in Europe, so some interesting news from the retailgazette.co.uk
website, which reported that Oxford Street retail traffic jumped 24% thanks to the growing
number of international visitors.
thanks to the growing number of international visitors. A combination of factors will also have added to that,
including the heat wave and the start of the school summer holidays.
Major events are also likely to have drawn international visitors in the UK,
including the Women's Euros Championship with the finals hosted in London's Wembley Stadium.
Oxford Street is actually one of my favorite streets in London to visit stores,
and I actually will be there next week,
so I'm looking forward to see what's new in retail
and what are some of the hot trends.
So it's good to see that retail is coming back,
even in places like Oxford Street,
which is really popular and very famous from around the world.
And with that, let me now turn it over to Tom.
All right. Well, thank you so much, Tony, for that information.
Thank you so much, Tom, for all those good insights and reflecting on the LPRC FusionNet program
and all that you and Corey, Logan, but many of our members put into
that program to stand it up so rapidly and to leverage it, I think, fairly masterfully,
especially during the heat of the pandemic and the rioting, the looting, the burning,
the situations we were dealing with was amazing effort by all.
And we continue to work on that. And we always, as Tom was saying, encourage everybody to get
involved, learn more. It's just we have to work collaboratively. There's no way. There's just too
many things going on. And the things that we're dealing with are just too complex and constantly changing. So
we need a way to regularly connect, whether it's pre-planned or in the heat of the moment,
and FusionNet helps us do both, both by text and by voice and by posting and telling all the things
you've heard Tom talk about since we stood up FusionNet. So thanks, everybody out there.
since we stood up using that. So thanks everybody out there. Dial into lpresearch.org,
query us on the website, reach out to operations at lpresearch.org, find out more. You heard Tom,
you heard myself, Tony talking about 2022 version of LPRC Impact. And it's another wonderful way to get together, to learn, to teach, to share, to enjoy each other's company, to build lasting contacts and relationships that you're going to need professionally.
All of us need it, want in all these different areas.
And when you bring together leaders from over 180 corporations here in Gainesville on the campus of the University of Florida go through such great content and have
so many events and opportunities to do that. We strongly encourage each and every one of you to
find out more, get involved, register, come in and work with us. So everybody stay safe,
stay connected, and thank you so much. Thanks for listening to the Crime Science Podcast, presented by the Loss Prevention
Research Council. If you enjoyed today's episode, you can find more crime science episodes and
valuable information at lpresearch.org. The content provided in the Crime Science Podcast
is for informational purposes only and is not a substitute for legal, financial, or other advice.
Views expressed by guests of the Crime Science Podcast are those of the authors and do not
reflect the opinions or positions of the Loss Prevention Research Council.