Weak Password Triggers Collapse Of 158-Year-Old UK Company, 700 Jobs Lost
A ransomware gang allegedly breached a 158-year-old UK transport company, KNP Logistics, resulting in the loss of 700 jobs. Hackers are believed to have accessed the company's computer system by guessing an employee's password, subsequently encrypting the data and locking internal systems, BBC reported. KNP's director, Paul Abbott, attributes the breach to a compromised password, but hasn't disclosed this to the responsible employee.
Notably, the transport company operates around 500 lorries, primarily under the Knights of Old brand. Despite adhering to industry IT standards and having cyber-attack insurance, the company fell victim to a ransomware attack by the Akira gang. The hackers gained unauthorised access to KNP's system, encrypting its data and restricting staff access to crucial business information. To regain access, the hackers demanded a ransom payment in exchange for the decryption key.
"If you're reading this, it means the internal infrastructure of your company is fully or partially dead…Let's keep all the tears and resentment to ourselves and try to build a constructive dialogue," read the ransom note.
Although they didn't specify a ransom amount, experts estimated it could be around 5 million pounds. Unfortunately, KNP couldn't afford the payment, leading to complete data loss and ultimately, the company's demise.
Other prominent UK companies, such as M&S, Co-op, and Harrods, have also fallen victim to similar attacks. In Co-op's case, the data of 6.5 million members was stolen.
"We need organisations to take steps to secure their systems, to secure their businesses," says Richard Horne, CEO of the National Cyber Security Centre (NCSC).
Hackers typically exploit existing vulnerabilities rather than innovating new methods. According to Sam, a member of the National Cyber Security Centre (NCSC) team that handles daily attacks, hackers constantly seek out organisations with weak defences to take advantage of them. The NCSC uses intelligence sources to identify potential attacks and intervene before ransomware deployment.
"Jake" (not his real name) was the night duty officer during a recent incident when hackers were stopped. You understand the scale of what's going on, and you want to reduce the harm. It can be thrilling, especially if we're successful," he says.
Hacking is increasing due to its lucrative nature, according to Suzanne Grimmer, head of a team at the National Crime Agency (NCA). Her unit, which conducted the initial assessment of the M&S hack, has seen incidents nearly double to 35-40 per week over the past two years. Ms Grimmer warns that if this trend continues, it may become the worst year on record for ransomware attacks in the UK.
Hacking is becoming more accessible due to the availability of tools and services that don't require advanced technical skills. According to Ms Grimmer, some tactics, such as social engineering, have lowered the barrier for potential attacks. This includes tactics like phone scams, where hackers call IT helpdesks to gain unauthorised access to systems.
Trending News