A Weak Password Bankrupted a 158-Year-Old Company

The use of an insufficiently strong password led to the collapse of a 158-year-old company through a ransomware attack, leaving 700 people unemployed.

KNP, a transport company based in Northamptonshire, England, with 500 trucks and employees, was just one of tens of thousands of businesses in the country targeted by such malicious software. Cyber attackers are believed to have accessed the company's computer system by cracking an employee's weak password, gaining access to all company data and locking internal systems.

A hacker group known as Akira infiltrated the company's systems, and employees could no longer access the data necessary to run the business. The cybercriminals demanded a ransom in exchange for the data.

A note left by the attackers in the system read: “If you are reading this, your company’s infrastructure is partially or completely dead… Let’s put the tears and resentment aside and engage in a constructive dialogue.”

Initially, the attackers did not specify how much money they wanted. A firm specializing in ransomware negotiations estimated the demand could reach up to £5 million. KNP did not have such funds.

In the end, all data was deleted, and the company went out of business as it could no longer operate.

Paul Cashmore, KNP’s cybersecurity expert, stated that many companies prefer not to report the crime and choose to pay the criminals instead.

He added that when faced with the risk of losing everything, companies tend to surrender to these gangs.

Source: BBC