Akira Ransomware

Weak password destroys 158-year-old company

Closed Schild

A single password that was too weak was enough to destroy the KNP transport company and put 700 people out of work. To this day, the employee concerned does not know that his compromised password led to the destruction of the company – out of consideration.

The Akira gang hackers gained access to KNP’s systems in 2023 by guessing an employee’s password – presumably through brute force attacks, simple guessing or by exploiting previously leaked credentials. Once in the system, they encrypted all company data with professional ransomware, as reported by the BBC.

Ad

“If you are reading this, it means that your company’s internal infrastructure is completely or partially dead,” the Akira gang’s cynical ransom note read.

The employees were suddenly locked out of all business-critical data – customer data, delivery schedules, vehicle scheduling, accounting. The transport company was effectively incapacitated. KNP director Paul Abbott has still not told the employee concerned that his compromised password led to the disaster. “Would you want to know if it was you?” he asks.

The 158-year-old company from Northamptonshire operated 500 trucks under the “Knights of Old” brand and, according to its own statements, had no chance despite cyber insurance and the usual IT standards in the industry: when the money for the million-pound claim was missing, all the data was irretrievably lost.

Ad

Epidemic in Great Britain

KNP is not an isolated case. M&S, Co-op and Harrods were also recently attacked. At Co-op, the data of all 6.5 million members was stolen. According to government statistics, there were around 19,000 ransomware attacks on British companies in 2024.

The National Crime Agency (NCA) reports a doubling of incidents to 35-40 per week. “If this continues, it will be the worst year for ransomware attacks in UK history,” warns NCA expert Suzanne Grimmer in the BBC report.

Who is Akira?

The Akira ransomware gang is one of the most dangerous cyber criminals in the world. Since March 2023, the group has attacked over 250 organizations and extorted 42 million US dollars in the process. Akira is believed to have originated from former members of the notorious Conti gang and is known for its retro website on the darknet, which looks like a green computer screen from the 1980s. The group uses “double-extortion” tactics: first data is stolen, then encrypted – if payment is not made, the data is threatened with publication.

Ad

Weitere Artikel