Ancient business shuts down following ransomware incident triggered by a single guessed password, resulting in 700 layoffs as hackers demand an unattainable ransom

Ancient business shuts down following ransomware incident triggered by a single guessed password, resulting in 700 layoffs as hackers demand an unattainable ransom

In a shocking turn of events, Knights of Old (KNP), a UK-based transportation company, has fallen victim to a ransomware attack that has crippled its operations and left around 500 trucks off the road. The attackers, named as 'Akira' in a BBC report, encrypted and locked KNP's operational data, demanding a ransom.

The attackers gained access to KNP's internet systems via a weak password used by an employee at the firm, highlighting the importance of strong password practices. The password, according to a report, was so weak it was guessed correctly.

In response to the attack, KNP had taken out insurance against cyberattacks, and its provider, Solace Global, sent a "cybercrisis" team to help. However, no specific new ransom demands or actions taken by KNP or Solace Global in response to the current situation have been made public.

The UK government's National Cyber Security Centre (NCSC) is working to make the UK one of the safest places for online activity. Recognising the growing problem of ransomware operations, where money can be directly extracted by criminals, they are advocating for proactive measures to prevent such attacks.

Proactive Measures for Ransomware Prevention

Current recommendations for proactive cybersecurity measures to prevent ransomware attacks like the one experienced by Knights of Old centre on multiple fronts. These strategies include:

1. Comprehensive Asset Discovery and Visibility: Regularly auditing network assets, technologies, and software helps identify vulnerable or unpatched devices early and detect suspicious activity faster.
2. Robust Patch Management Framework: Prioritising patching of externally facing devices, such as VPNs, followed by systems that contain or provide access to critical information, is essential to close vulnerabilities ransomware groups exploit.
3. Network Segmentation and Tiered Architecture: Designing network layers that logically separate critical systems, applications, and data from routine user traffic limits ransomware’s ability to move laterally and improves detection of abnormal behavior on critical systems.
4. Strengthening Email Security and User Awareness: Implementing strong email filtering to block phishing attempts and conducting regular cybersecurity training for employees can help recognise phishing red flags and avoid risky behaviors.
5. System and Software Hygiene: Maintaining up-to-date operating systems and software, removing legacy vulnerabilities, and conducting disciplined vulnerability assessments and timely remediation are crucial.
6. Use of Antivirus, Firewalls, and Access Controls: Deploying comprehensive endpoint antivirus and anti-malware alongside well-configured firewalls, restricting unnecessary outbound internet access from servers and devices, and enforcing multi-factor authentication for all remote and critical accounts are essential.
7. Data Protection: Applying full-disk encryption and implementing granular file access policies can prevent boot-level tampering and reduce the risk of data exfiltration or mass encryption.

These combined proactive strategies are supported by recent cybersecurity reports and are highly relevant to preventing attacks similar to the Knights of Old incident.

The Cost of Ransomware Attacks

A typical ransom demand for an afflicted UK company is around £4 million ($5.4 million). Proposals for prevention include banning public bodies from paying ransoms and enforcing private companies' reporting of ransoms to the government. It is crucial for companies to consider the long-term implications of paying ransoms, as it could potentially fund further attacks and perpetuate the problem.

The collapse of Knights of Old serves as a stark reminder of the devastating impact ransomware attacks can have on businesses and the importance of proactive cybersecurity measures. Approximately 700 people have lost their jobs due to the attack, underscoring the human cost of such incidents.

As the UK government continues to work towards making the UK one of the safest places for online activity, it is hoped that companies will take heed of the proactive measures outlined above and invest in robust cybersecurity defenses to protect themselves from the growing threat of ransomware attacks.

[1] Cybersecurity Dive: Ransomware attacks on the rise, and the strategies to combat them [2] CSO Online: 7 essential ransomware defense strategies for businesses [3] TechTarget: 10 steps to improve your ransomware defenses [4] Forbes: 5 Ways To Protect Your Business From Ransomware

1. By adopting comprehensive asset discovery and visibility, robust patch management, network segmentation, strengthened email security, system hygiene, use of antivirus, firewalls, access controls, data protection, and implementing proactive measures outlined in cybersecurity reports, businesses can diminish their susceptibility to ransomware attacks, as demonstrated by the incident involving Knights of Old.
2. Given the high ransom demands, such as the £4 million typically requested from UK companies, and the potential consequences of paying ransoms funding more attacks, companies are urged to carefully consider the long-term implications and instead prioritize proactive cybersecurity measures to prevent ransomware attacks.
3. In light of the growing threat of ransomware attacks and the human cost they entail, as seen by the loss of approximately 700 jobs due to the Knights of Old incident, it is essential for UK businesses to invest in robust cybersecurity defenses to ensure safety in the digital landscape, following the efforts of the UK government to make the UK one of the safest places for online activity.

Read also: