{"id":78269,"date":"2025-07-22T01:07:05","date_gmt":"2025-07-22T01:07:05","guid":{"rendered":"https:\/\/sotnews.agency\/?p=78269"},"modified":"2025-07-22T01:07:05","modified_gmt":"2025-07-22T01:07:05","slug":"weak-password-allowed-hackers-to-sink-a-158-year-old-company","status":"publish","type":"post","link":"https:\/\/sotnews.agency\/?p=78269","title":{"rendered":"Weak password allowed hackers to sink a 158-year-old company"},"content":{"rendered":"
\n
\n \t<\/i> Read Time:<\/span>6 Minute, 18 Second <\/div>\n\n <\/div>
\n

One password is believed to have been all it took for a ransomware gang to destroy a 158-year-old company and put 700 people out of work.<\/p>\n

KNP \u2013 a Northamptonshire transport company \u2013 is just one of tens of thousands of UK businesses that have been hit by such attacks.<\/p>\n

Big names such as M&S, Co-op and Harrods have all been attacked in recent months. The chief executive of Co-op confirmed last week that\u00a0all 6.5 million of its members had had their data stolen.<\/a><\/p>\n

In KNP\u2019s case, it\u2019s thought the hackers managed to gain entry to the computer system by guessing an employee\u2019s password, after which they encrypted the company\u2019s data and locked its internal systems.<\/p>\n

KNP director Paul Abbott says he hasn\u2019t told the employee that their compromised password most likely led to the destruction of the company.<\/p>\n

\u201cWould you want to know if it was you?\u201d he asks.<\/p>\n

\u201cWe need organisations to take steps to secure their systems, to secure their businesses,\u201d says Richard Horne, CEO of the National Cyber Security Centre (NCSC) \u2013 where Panorama has been given exclusive access to the team battling international ransomware gangs.<\/p>\n

One small mistake<\/h2>\n

In 2023, KNP was running 500 lorries \u2013 most under the brand name Knights of Old.<\/p>\n

The company said its IT complied with industry standards and it had taken out insurance against cyber-attack.<\/p>\n

But a gang of hackers, known as Akira, got into the system, leaving staff unable to access any of the data needed to run the business. The only way to get the data back, said the hackers, was to pay.<\/p>\n

Paul Abbott\u2019s company KNP was attacked by ransomware hackers<\/figcaption><\/figure>\n

\u201cIf you\u2019re reading this, it means the internal infrastructure of your company is fully or partially dead\u2026Let\u2019s keep all the tears and resentment to ourselves and try to build a constructive dialogue,\u201d read the ransom note.<\/p>\n

The hackers didn\u2019t name a price, but a specialist ransomware negotiation firm estimated the sum could be as much as \u00a35m. KNP didn\u2019t have that kind of money. In the end all the data was lost, and the company went under.<\/p>\n

When KNP went under, 700 people lost their jobs<\/figcaption><\/figure>\n

The National Cyber Security Centre (NCSC) says its goal is \u201cto make the UK the safest place to live and work online\u201d. It says it deals with a major attack every day.<\/p>\n

The NCSC is part of GCHQ, one of the UK\u2019s three main security services alongside MI5 and MI6.<\/p>\n

The hackers are not doing anything new, says \u201cSam\u201d (not his real name), who runs a NCSC team dealing with day-to-day attacks. They are just looking for a weak link, he tells Panorama.<\/p>\n

\u201cThey\u2019re just constantly finding organisations on a bad day and then taking advantage of them.\u201d<\/p>\n

Using intelligence sources, NCSC operatives try to spot attacks and eject hackers from computer systems before they can deploy ransomware.<\/p>\n

\u201cJake\u201d (not his real name) was night duty officer during a recent incident when hackers were stopped.<\/p>\n

\u201cYou understand the scale of what\u2019s going on and you want to reduce the harm,\u201d he says. \u201cIt can be thrilling, especially if we\u2019re successful.\u201d<\/p>\n

But the NCSC can only provide one layer of protection, and ransomware is a growing and lucrative crime.<\/p>\n

\u201cPart of the problem is there are a lot of attackers,\u201d says Sam. \u201cThere aren\u2019t that many of us.\u201d<\/p>\n

Statistics are hard to come by because companies don\u2019t have to report attacks or if they have paid ransoms. However, there were an estimated 19,000 ransomware attacks on UK businesses last year, according to the government\u2019s cybersecurity survey.<\/p>\n

Industry research suggests the typical UK ransom demand is about \u00a34m and that about a third of companies simply pay up.<\/p>\n

Richard Horne, CEO, National Cyber Security Centre, says companies need to step up and improve their cybersecurity<\/figcaption><\/figure>\n

\u201cWe\u2019ve seen a wave of criminal cyber-attacks over the last few years,\u201d says Richard Horne, the NCSC\u2019s CEO. He denies the criminals are winning, but says that companies need to improve their cybersecurity.<\/p>\n

If prevention doesn\u2019t work, another team of officers at the National Crime Agency (NCA) has the job of catching the offenders.<\/p>\n

Hacking is on the rise because it\u2019s such a lucrative crime, says Suzanne Grimmer, who heads a team at the NCA.<\/p>\n

Her unit carried out the initial assessment into\u00a0the M&S hack<\/a>.<\/p>\n

Suzanne Grimmer, National Crime Agency, says hacking attacks have almost doubled<\/figcaption><\/figure>\n

Incidents have almost doubled to about 35-40 a week since she took over the unit two years ago, Ms Grimmer says.<\/p>\n

\u201cIf it continues, I predict it\u2019s going to be the worst year on record for ransomware attacks in the UK.\u201d<\/p>\n

Hacking is becoming easier, and some of the tactics don\u2019t even involve a computer, like ringing an IT helpdesk to gain access.<\/p>\n

This has lowered the barrier for potential attacks, says Ms Grimmer: \u201cThese criminals are becoming far more able to access tools and services that you don\u2019t need a specific technical skill set for.\u201d<\/p>\n

The M&S hackers broke into the company\u2019s system using phishing or tricking their way into the system. This disrupted shoppers when deliveries were delayed, some shelves were left bare, and customer data was also stolen.<\/p>\n

James Babbage, Director General (Threats) at the NCA, says it is the characteristic of a younger generation of hackers, who now are \u201cgetting into cybercrime probably through gaming\u201d.<\/p>\n

James Babbage, Director General (Threats), National Crime Agency, says there is now a new generation of hackers<\/figcaption><\/figure>\n

\u201cThey\u2019re recognising that their sort of skills can be used to con help desks and the like into getting them access into companies.\u201d<\/p>\n

Once inside, the hackers can use ransomware, bought on the dark web, to steal data and lock computer systems.<\/p>\n

Ransomware is the most significant cybercrime threat we face, says Mr Babbage.<\/p>\n

\u201cIt\u2019s a national security threat in its own right, both here and throughout the world.\u201d<\/p>\n

Others have come to the same conclusion.<\/p>\n

In December 2023, Parliament\u2019s Joint Committee on the National Security Strategy warned there was a high risk of a \u201ccatastrophic ransomware attack at any moment\u201d.<\/p>\n

Earlier this year, the National Audit Office produced a report that said the threat to the UK was severe and advancing quickly.<\/p>\n

Companies need to \u201cthink about cyber-security in all the decisions they make,\u201d says Richard Horne at the NCSC.<\/p>\n

Mr Babbage says he would also discourage victims from paying ransoms.<\/p>\n

\u201cEvery victim needs to make their own choice, but it is the paying of ransoms which fuels this crime,\u201d he says.<\/p>\n

The government has proposed banning public bodies from paying ransoms.<\/p>\n

Private companies might have to report ransom attacks and get government permission to pay up.<\/p>\n

Back in Northamptonshire, Paul Abbott of KNP now gives talks warning other businesses about the cyber threat.<\/p>\n

He thinks companies should have to prove they have up-to-date IT protection \u2013 a sort of \u201ccyber-MOT\u201d.<\/p>\n

\u201cThere needs to be rules that make you much more resilient to criminal activity,\u201d he says.<\/p>\n

However, many companies are just choosing not to report the crime but simply to pay the criminals, says Paul Cashmore, a cyber-specialist brought in by KNP\u2019s insurers.<\/p>\n

When faced with losing everything, companies give in to the gangs.<\/p>\n

\u201cThis is organised crime,\u201d he says. \u201cI think there is very little progress against catching the perpetrators, but it\u2019s devastating.\u201d<\/p>\n<\/div>\n

\n
\n \n
\n \n \"Happy\"\n <\/a>\n
\n Happy <\/div>\n
\n 0<\/span>\n \n 0<\/span> %<\/span>\n <\/div>\n <\/div>\n\n
\n \n \"Sad\"\n <\/a>\n
\n Sad <\/div>\n
\n 0<\/span>\n 0<\/span> %<\/span>\n <\/div>\n <\/div>\n\n
\n \n \"Excited\"\n <\/a>\n
\n Excited <\/div>\n
\n 0<\/span>\n 0<\/span> %<\/span>\n <\/div>\n <\/div>\n\n
\n \n \"Sleepy\"\n <\/a>\n
\n Sleepy <\/div>\n
\n 0<\/span>\n \n 0<\/span> %<\/span>\n <\/div>\n <\/div>\n\n
\n \n \"Angry\"\n <\/a>\n
Angry<\/div>\n
\n 0<\/span>\n 0<\/span> %<\/span>\n \n <\/div>\n <\/div>\n\n
\n \n \"Surprise\"\n <\/a>\n
Surprise<\/div>\n
\n 0<\/span>\n 0<\/span> %<\/span>\n <\/div>\n <\/div>\n\n <\/div>\n <\/div>\n\n ","protected":false},"excerpt":{"rendered":"
\"WeakOne password is believed to have been all it took for a ransomware gang to destroy a 158-year-old company and put 700 people out of work.<\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"rop_custom_images_group":[],"rop_custom_messages_group":[],"rop_publish_now":"initial","rop_publish_now_accounts":{"facebook_2277560469115098_106292521332774":"","twitter_aToxNzczMzI3Njk4OTg4ODUxMjAxOw==_1773327698988851200":""},"rop_publish_now_history":[],"rop_publish_now_status":"pending","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-78269","post","type-post","status-publish","format-standard","hentry","category-blog"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/sotnews.agency\/index.php?rest_route=\/wp\/v2\/posts\/78269","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sotnews.agency\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sotnews.agency\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sotnews.agency\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sotnews.agency\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=78269"}],"version-history":[{"count":0,"href":"https:\/\/sotnews.agency\/index.php?rest_route=\/wp\/v2\/posts\/78269\/revisions"}],"wp:attachment":[{"href":"https:\/\/sotnews.agency\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=78269"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sotnews.agency\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=78269"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sotnews.agency\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=78269"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}