#FactCheck -Scripted Video of Pre-Wedding Roka at Metro Station Misleads Users

Introduction

‍

The recent cyber-attack on Jaguar Land Rover (JLR), one of the world's best-known car makers, has revealed extensive weaknesses in the interlinked character of international supply chains. The incident highlights the increasing cybersecurity issues of industries going through digital transformation. With its production stopped in several UK factories, supply chain disruptions, and service delays to its customers worldwide, this cyber-attack shows how cyber events can ripple into operation, finance, and reputation risks for large businesses.

The Anatomy of a Breakdown

‍

Jaguar Land Rover, a Tata Motors subsidiary, was forced to disable its IT infrastructure because of a cyber-attack over the weekend. This shut down was already an emergency shut down to mitigate damage and the disruption to business was serious. 

• No Production - The car plants at Halewood (Merseyside) and Solihull (West Midlands) and the engine plant (Wolverhampton) were all completely shut down.
• Sales and Distribution: Car sales were significantly impaired during a high-volume registration period in September, although certain transactions still passed through manual procedures.
• Global Effect: The breakdown did not reach only the UK, dealers and fix experts across the world, including in Australia, suffered with inaccessible parts databases.

JLR called the recovery process "extremely complex" as it involved a controlled recovery of systems and implementing alternative workarounds for offline services. The overall effects include the immediate and massive impact to their suppliers and customers, and has raised larger questions regarding the sustainability of digital ecosystems in the automobile value chain.

‍

The Human Impact: Beyond JLR's Factories

‍

The implications of the cyber-attack have extended beyond the production lines of JLR:

• Independent Garages: Repair centres such as Nyewood Express of West Sussex indicated that they could not use vital parts databases, which brought repair activities to a standstill and left clients waiting indefinitely.
• Global Dealers: Land Rover experts as distant as Tasmania indicated total system crashes, highlighting global dependency on centralized IT systems.
• Customer Frustration: Regular customers in need of urgent repairs were stranded by the inability to order replacement parts from original manufacturers.

This attack is an example of the cascading effect of cyber disruptions among interconnected industries, a single point of failure paralyzing complete ecosystems.

‍

The Culprit: The Hacker Collective

‍

The hack is justifiably claimed by a so-called hacker collective "Scattered Lapsus$ Hunters." The so-called hacking collective says that it consists of young English-speaking hackers and has previously targeted blue-chip brands like Marks & Spencer. While the attackers seem not to have publicly declared whether they exfiltrated sensitive information or deployed ransomware, they went ahead and posted screenshots of internal JLR documents-the kind of documents that probably are not supposed to see the light of day, including troubleshooting guides and system logs-implicating what can only be described as grossly unauthorized access into some of Jaguar Land Rover's core IT systems.

Jaguar Land Rover had gone on record to claim with no apropos proof or evidence that it probably did not see anyone getting into customer data; however, the very occurrence of this attack raises some very serious questions on insider threats, social engineering concepts, and how efficient cybersecurity governance architectures really are.

‍

Cybersecurity Weaknesses and Lessons Learned

‍

The JLR attack depicts some of the common weaknesses associated with large-scale manufacturing organizations:

1. Centralized IT Dependencies: Today's auto firms are based on worldwide IT systems for operations, logistics, and customer care. Compromise can lead to broad outages.
2. Supply Chain Vulnerabilities: Tier-2 and Tier-1 suppliers use OEM systems for placing and tracing components. Interrupting at the OEM level automatically stops their processes.
3. Inadequate Incident Visibility: Several suppliers complained about no clear information from JLR, which increased uncertainty and financial loss.
4. Rise of Youth Hacking Groups: Involvement of youth hacker groups highlight the necessity for active monitoring and community-level cybersecurity awareness initiatives.

‍

Broader Industry Context

‍

With ever-increasing cyber-attacks on the automotive industry, an area currently being rapidly digitalised through connected cars, IoT-based factories, and cloud-based operations, this series of incidents falls within such a context. In 2023, JLR awarded an £800 million contract to Tata Consultancy Services (TCS) for services in support of the company's digital transformation and cybersecurity enhancement. This attack shows that, no matter how much is spent, poorly conceptualised security programs can never stand up to ever-changing cyber threats.

‍

What Can Organizations Do? – Cyberpeace Recommendations

‍

To contain risks and develop a resilience against such events, organizations need to implement a multi-layered approach to cybersecurity:

1. Adopt Zero Trust Architecture - Presume breach as the new normal. Verify each user, device, and application before access is given, even inside the internal network.
2. Enhance Supply Chain Security - Perform targeted assessments on a routine basis to identify risk factors in diminishing suppliers. Include rigorous cybersecurity provisions in the agreements with suppliers, namely disclosure of vulnerabilities and the agreed period for incident response.
3. Durable Backups and Their Restoration - Backward hampers are kept isolated and encrypted to continue operations in case of ransomware incidents or any other occur in system compromise.
4. Periodic Red Team Exercises - Simulate cyber-attacks on IT and OT systems to examine if vulnerabilities exist and evaluate current incident response measures.
5. Employee Training and Insider Threat Monitoring - Social engineering being the forefront of attack vectors, continuous training and behavioural monitoring will have to be done to avoid credential disposal.
6. Public-Private Partnership - Interact with several government agencies and cybersecurity groups for sharing threat intelligence and enforcing best practices complementary to ISO/IEC 27001 and NIST Cybersecurity Framework.

Conclusion

‍

The hacking at Jaguar Land Rover is perhaps one of a thousand reminders that cybersecurity can no longer be seen as a back-office job but rather as an issue of business continuity at the very core of the organization. In the process of digital transformation, the attack surface grows, making the entities targeted by cybercriminals. Operation security demands that cybersecurity be ensured on a proactive basis through resilient supply chains and stakeholders working together. The JLR attack is not an isolated event; it is a warning for the entire automobile sector to maintain security at every level of digitalization.

‍

References

• https://www.bbc.com/news/articles/c1jzl1lw4y1o
• https://www.theguardian.com/business/2025/sep/07/disruption-to-jaguar-land-rover-after-cyber-attack-may-last-until-october
• https://uk.finance.yahoo.com/news/jaguar-factory-workers-told-stay-073458122.html

‍

Executive Summary
‍

A video showing people running amid smoke and chaos during an attack is being widely shared on social media with the claim that it depicts an Iranian strike on Israel. The clip, around 29 seconds long, shows thick black smoke rising as people flee the scene, with voices heard calling for help. However, research by the CyberPeace found that the claim is misleading. The video is actually from the September 2001 attacks on the World Trade Center in the United States.

‍

Claim:
‍

The video has been shared on Facebook with a caption claiming, “Iran has launched its most powerful attack on Israel. Thousands of soldiers have reportedly been killed. Massive protests have erupted within the country, and Israel appears completely helpless.”

• https://www.facebook.com/reel/4317571078525937 
• https://archive.ph/Ui04h 

‍

‍

‍

Fact Check:
‍

To verify the claim, we conducted a reverse image search using keyframes from the viral video. This led us to a longer version of the same footage uploaded on YouTube on September 11, 2016.

• https://www.youtube.com/watch?v=Bs1bl24oApM 

‍

‍

The relevant portion appears around the 2-minute 9-second mark. The video description identifies the footage as part of the September 2001 attacks on the World Trade Center in New York. Further, we found the same video in an archive folder on a website associated with the US Department of Commerce, which contains multiple images and videos related to the 9/11 attacks. This further confirms the origin of the footage.

‍

‍

Conclusion:
‍

The viral claim is false. The video does not show an Iranian attack on Israel. It is from September 2001 and depicts the aftermath of the World Trade Center attacks in New York, USA.

‍

Executive Summary

‍

A video showing a group of people wearing Muslim caps raising provocative slogans against the Rashtriya Swayamsevak Sangh (RSS) is being widely shared on social media. Users sharing the clip claim that the incident took place recently in Uttar Pradesh. However, CyberPeace research found the claim to be false. The probe established that the video is neither recent nor related to Uttar Pradesh. In fact, the footage dates back to 2022 and is from Telangana. The slogans heard in the video were raised during a protest against Goshamahal MLA T. Raja Singh, and the clip is now being circulated with a misleading claim.

‍

Claim

‍

On January 21, 2026, a user on social media platform X (formerly Twitter) shared the video claiming it showed people in Uttar Pradesh chanting slogans such as, “Kaat daalo saalon ko, RSS walon ko” and “Gustakh-e-Nabi ka sar chahiye.” The post suggested that such slogans were being raised openly in Uttar Pradesh despite strict law enforcement. Links to the post and its archive are provided below.

‍

• https://x.com/PrashantRaj0man/status/2013814260963725477 
• https://archive.ph/YCJcD 

‍

‍

Fact Check:

‍

To verify the claim, CyberPeace research conducted a reverse image search using keyframes from the viral video. The same footage was found on a Facebook account where it had been uploaded on August 26, 2022, indicating that the video is not recent.

‍

• https://www.facebook.com/watch/?v=777613956717744 

‍

‍

Further verification led the team to a report published by news portal OpIndia on August 25, 2022, which featured identical visuals from the viral clip. According to the report, the video showed a protest march organised against BJP MLA T. Raja Singh following his alleged controversial remarks about Prophet Muhammad. The report identified one of the individuals in the video as Kaleem Uddin, who was allegedly heard raising the slogan “Kaat daalo saalon ko,” to which the crowd responded “RSS walon ko.” The slogan was linked to incitement against RSS members.

‍

• https://www.opindia.com/2022/08/kaat-dalo-saalon-ko-islamists-in-telangana-raise-slogans-to-murder-rss-swayamsevaks-1-arrested/ 

‍

To confirm the location, the video was examined closely. A shop sign reading “Royal Time House” was visible in the footage. Using Google Street View, the same shop was located in Nalgonda, Telangana, conclusively establishing that the video was filmed there and not in Uttar Pradesh.

• https://www.google.com/maps/place/Royal+Time+House/@17.0511236,79.268241,3a,75y,211.14h,100.53t/data=!3m7!1e1!3m5!1svySyf6BUJjeNweAIUFU_XA!2e0!6shttps:%2F%2Fstreetviewpixels-pa.googleapis.com%2Fv1%2Fthumbnail%3Fcb_client%3Dmaps_sv.tactile%26w%3D900%26h%3D600%26pitch%3D-10.530002028266466%26panoid%3DvySyf6BUJjeNweAIUFU_XA%26yaw%3D211.135371960106!7i13312!8i6656!4m15!1m8!3m7!1s0x3bcb299ff16e2119:0xcc28d354c4c2686f!2sRoyal+Time+House!8m2!3d17.0510658!4d79.2681524!10e5!16s%2Fg%2F1hm3jmwx_!3m5!1s0x3bcb299ff16e2119:0xcc28d354c4c2686f!8m2!3d17.0510658!4d79.2681524!16s%2Fg%2F1hm3jmwx_?entry=ttu&g_ep=EgoyMDI2MDEyMS4wIKXMDSoKLDEwMDc5MjA2N0gBUAM%3D

‍

‍

Conclusion

‍

CyberPeace research confirmed that the viral video is from 2022 and was recorded in Telangana, not Uttar Pradesh. The clip is being falsely circulated with a misleading claim to give it a communal and political angle.

‍