Keeping a strong password for your online profiles is highly necessary. While many ignore the need for a complex and frequently updated password, cyberattackers wait for such opportunities to attack the vulnerable. One such opportunity led to the closure of a 158-year-old UK firm, which eventually led to the firing of 700 of its employees.
KNP Logistics, a 158-year-old UK transport company, has ceased operations entirely leaving around 700 individuals unemployed, following a devastating cyberattack linked to a compromised employee password. The incident involved a ransomware group, called the Akira gang, breaching KNP’s computer systems.
According to reports from the BBC, hackers gained unauthorised access by guessing an employee’s password, which was reportedly a weak one. The hackers subsequently encrypted the company’s data and locked internal systems. The hackers, after gaining unauthorised access to KNP’s system, encrypted its data, thereby restricting staff access to critical business information.
Hackers encrypted company data, then deleted it
To restore access, the hackers demanded a ransom payment in exchange for the decryption key. The ransom note stated, “If you’re reading this, it means the internal infrastructure of your company is fully or partially dead…Let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue.”
While a specific ransom amount was not disclosed, experts estimated it could have been around 5 million pounds. Unfortunately, KNP was unable to meet the demand, leading to complete data loss and ultimately, the company’s collapse.
Paul Abbott, a director at KNP, confirmed that the breach was indeed due to a compromised password. Abott has not revealed this to the employee responsible though. KNP operated approximately 500 lorries primarily under the Knights of Old brand and reportedly adhered to industry IT standards, possessing cyber-attack insurance.
Richard Horne, CEO of the National Cyber Security Centre (NCSC), emphasised the urgent need for organisations to secure their systems and businesses with stronger and more secure measures. He highlighted that hackers typically exploit existing vulnerabilities rather than innovating new methods. He stated that hackers constantly seek out organisations with weak defenses.
What should organisations do?
While insights into cyberattacks have revealed some key concerns, organisations must prioritise encouraging strong and unique passwords, implement multi-factor authentication (MFA) for login, and conducting regular cybersecurity training for all employees. Furthermore, businesses should regularly back up their data securely, develop robust emergency response plans, and consider subscribing to cyber-attack insurance.
