Hackers breached a 158 year old company by guessing an employee password – experts say it’s a ‘pertinent reminder’ of the devastating impact of cyber crime
A Panorama documentary exposed hackers' techniques and talked to the teams trying to tackle them
A British transport firm was forced to close after 158 years thanks to a single easily-guessed password.
According to a recent episode of BBC's Panorama, Northamptonshire-based KNP - formerly Knights of Old - was hit by a ransomware demand that it couldn't pay.
The resulting incident saw the company fold, putting 700 people out of work and highlighting the devastating real-world impact of cyber attacks.
The hack was the work of the Akira ransomware group, which gained access by guessing one employee’s weak password. Director Paul Abbott said he hadn't told the employee concerned that it had been their error that led to the firm's closure.
"Would you want to know if it was you?" he said.
The hackers demanded a ransom believed to have been as much as £5 million.
"If you're reading this it means the internal infrastructure of your company is fully or partially dead…Let's keep all the tears and resentment to ourselves and try to build a constructive dialogue," the ransom note read.
KNP’s insurers immediately sent in a cyber crisis team, which found that all of the company’s data had been encrypted and that its servers, backup, and disaster recovery systems had all been locked. Unable to pay the ransom, the company was forced to call in administrators.
"The resurfacing of the KNP ransomware incident through the BBC Panorama documentary is a pertinent reminder of the devastating real-world consequences of cyber crime - not only in terms of data loss, but in terms of the livelihoods that can be severely affected by a single compromised password," said Anne Cutler, cybersecurity expert at Keeper Security.
"That simple breach precipitated the complete collapse of a 158-year-old business, costing hundreds of jobs and leaving lasting damage. What’s especially sobering about this story is not that it was unique in any significant way, but rather, that it was typical."
Password security still has a long way to go
Password security has been a key battleground for cybersecurity experts in recent years, with research showing chronically lax practices among consumers and enterprises alike.
A study from Kaspersky last year, for example, analyzed 193 million compromised passwords available on the dark web, finding that 45% could be guessed by hackers within a minute.
"The destruction of KNP, formally Knights of Old, is a truly sad cybersecurity tale,” Tim Ward, CEO and co-founder of Redflags from ThinkCyber.
“But it is also a tale of simple cyber hygiene issues having a critical impact.”
"We have to take the human factor of security more seriously, or we will see more and more of these sad tales,” Ward added.
In a recent government survey, 43% of UK businesses and 30% of charities reported having experienced a cybersecurity breach or attack in the last 12 months - around 612,000 businesses and 61,000 charities in total.
Cutler noted that a common misstep for many organizations is that they assume they wouldn’t be “worthwhile targets” for cyber criminals. The reality is that any target is viable, she added.
“As this Panorama documentary makes clear, ransomware is not just being deployed on major corporations - it’s targeting the resilience of supply chains, service providers, schools, charities, and local employers like KNP."
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
- Nearly half of MSPs admit to having a ransomware kitty
- US healthcare data breaches are out of control
- The ransomware boom shows no signs of letting up
-
Ransomware cartels are fragmenting into volatile splinter groups, warns Met Police cyber chiefNews Commoditized "cyber crime bazaars" and AI data mining are forcing law enforcement to rewrite its playbook
-
New ransomware threat group, The Gentlemen, has become one of the most active ransomware operators, accounting for 10% of all attacksNews NTT researchers warn that the RaaS group is leveraging SystemBC malware to establish covert tunnelling, evade detection, and support rapid lateral movement across enterprise environments
-
Instructure chose to a pay ransom following the Canvas cyber attack – research shows more than half of security leaders would follow suitAnalysis Opting to pay ransoms creates huge risks for enterprises – you’re relying on the word of criminals
-
Ransomware negotiator sentenced for role in major cyber crime groupNews Deniss Zolotarjovs was a key player in a group associated with Conti
-
Threat actors ditch ‘spray and pray’ attacks in shift to targeted exploitationNews A dip in ransomware volumes points to a more targeted approach focused on vulnerability exploitation
-
Security leaders overconfident about ransomware recovery
News Few manage to recover all their data, and many experience business disruption
-
German authorities want your help finding the hackers behind GandCrab and REvilNews Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk are believed to have made millions from ransomware as a service schemes
-
The rise of teen hackers ‘makes for a good headline’, but cyber crime activities peak later in life
News With family responsibilities and mortgages to pay, it's not teenagers dishing out malware or carrying out cyber extortion
