KNP, a Northamptonshire transport company, was destroyed by a ransomware gang that stole data and locked its internal systems. The company, which was running 500 lorries under the brand name Knights of Old, had taken out insurance against cyber-attacks. The hackers, known as Akira, managed to gain entry to the computer system by guessing an employee’s password, encrypted the company’s data, and locked its internal systems. KNP director Paul Abbott hasn’t told the employee that their compromised password most likely led to the destruction of the company.
Along with MI5 and MI6, GCHQ, one of the three primary security services in the UK, includes the National Cyber Security Centre (NCSC). The NCSC handles a significant attack every day and strives to make the UK the safest place to live and work online. However, because businesses are not required to report attacks or pay ransoms, statistics on ransomware, a lucrative and expanding crime, are difficult to come by. The Joint Committee on the National Security Strategy of Parliament issued a warning in December 2023 that a “catastrophic ransomware attack at any moment” was very likely.
Industry research suggests that the typical UK ransom demand is about £4m, and about a third of companies simply pay up. Richard Horne, the NCSC’s CEO, denies the criminals are winning but says that companies need to improve their cyber-security. If prevention doesn’t work, another team of officers at the National Crime Agency (NCA) has the job of catching the offenders.
Hacking is on the rise because it’s such a lucrative crime, and some of the tactics don’t even involve a computer, like ringing an IT helpdesk to gain access. This has lowered the barrier for potential attacks, as criminals are becoming far more able to access tools and services that you don’t need a specific technical skill set for.
The M&S hackers broke into the company’s system by means of blagging or tricking their way into the system. This caused disruption to shoppers when deliveries were delayed, some shelves were left bare, and customer data was also stolen. James Babbage, Director General (Threats) at the NCA, says it is the characteristic of a younger generation of hackers, who now are “getting into cybercrime probably through gaming”.
The government has proposed banning public bodies from paying ransoms. Private companies might have to report ransom attacks and get government permission to pay up. Paul Abbott of KNP now gives talks warning other businesses about the cyber threat, thinking companies should have to prove they have up-to-date IT protection – a sort of “cyber-MOT”. There needs to be rules that make people much more resilient to criminal activity. However, many companies are just choosing not to report the crime but simply to pay the criminals, says Paul Cashmore, a cyber-specialist brought in by KNP’s insurers. When faced with losing everything, companies give in to the gangs.
