A single weak password is believed to have allowed a ransomware gang to dismantle KNP, a 158-year-old Northamptonshire transport company, resulting in 700 job losses. KNP is among tens of thousands of UK businesses affected by such attacks, including high-profile names like M&S, Co-op, and Harrods. Recently, Co-op reported that data from all 6.5 million of its members had been stolen.
In KNP’s case, hackers gained access by guessing an employee’s password, leading to data encryption and system lockdown. Director Paul Abbott has not informed the employee that their compromised password likely caused the company’s downfall, questioning if they would want to know.
Richard Horne, CEO of the National Cyber Security Centre (NCSC), emphasizes the need for organizations to secure their systems. KNP, which operated 500 lorries under the Knights of Old brand, claimed its IT met industry standards and it had insurance against cyber-attacks.
Despite these precautions, hackers from a group called Akira infiltrated the system, rendering staff unable to access crucial operational data. The ransom note stated, “If you’re reading this, it means the internal infrastructure of your company is fully or partially dead.” Although the hackers did not specify a ransom amount, experts estimated it could be as high as £5 million, a sum beyond KNP’s means. Ultimately, all data was lost, leading to the company’s closure.
The NCSC, part of GCHQ, aims to make the UK the safest place to live and work online, facing a major attack daily. The agency employs intelligence to prevent attacks and remove hackers before they can deploy ransom software.
Statistics indicate about 19,000 ransomware attacks occurred on UK businesses last year, with typical ransom demands around £4 million. About a third of companies choose to pay ransoms. Horne acknowledges a wave of cyber-attacks in recent years, urging companies to improve their cybersecurity measures.
ICYMI: Interior Minister Condemns Ablekuma North Violence, Demands Arrests
The National Crime Agency (NCA) is also focused on apprehending hackers. Suzanne Grimmer, who leads an NCA team, reports incidents have nearly doubled to 35-40 weekly since she took charge. She warns that if current trends continue, 2024 may set a record for ransomware attacks in the UK.
The M&S hack exemplifies new tactics employed by younger hackers, who learn to manipulate IT helpdesks for access. Once inside, they can deploy ransom software purchased on the dark web, making ransomware the most significant cybercrime threat.
Parliament’s Joint Committee on the National Security Strategy has raised alarms about the risk of catastrophic ransomware attacks. The government is considering banning public bodies from paying ransoms and may require private companies to report such incidents.
In the aftermath, Paul Abbott of KNP now shares insights on cyber threats with other businesses, advocating for mandatory proof of up-to-date IT protection akin to a “cyber-MOT.” Despite this, many firms opt to pay hackers rather than report the crime, highlighting the complexities of organized cybercrime.
SOURCE: BBC
