An employee’s weak password allowed hackers to gain entry into Knights of Old’s (KNP’s) computer system, resulting in the downfall of the 158-year-old company and the loss of more than 700 jobs, former director Paul Abbott has revealed.
The fatal flaw in KNP’s security, which ultimately brought the company down, is revealed tonight (21 July) on BBC Panorama’s latest episode, Fighting Cyber Criminals, which is on BBC One at 8.30pm and on BBC iPlayer.
Reporter Richard Bilton investigates the online crimewave and interviews former KNP director Paul Abbott, who recalls the cyber attack in June 2023 and tells how the notorious hackers, who call themselves Akira, managed to gain entry to the computer system by guessing an employee’s password.
Abbott said the employee has never been informed of their unwitting role in the cyber attack.
Once in, the hackers encrypted the company’s data, locked its internal systems and demanded a ransom payment.
The ransom note said: “If you’re reading this it means the internal infrastructure of your company is fully or partially dead. For now let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue.”
KNP’s insurers immediately sent in a cyber crisis team who established all of KNP’s data had been encrypted, and that its servers, back up and its disaster recovery systems had all been destroyed.
The cyber crisis team contacted a ransomware negotiation specialist firm that said the ransom payments made to Akira typically start at $5m (£3.7m) and that they had successfully negotiated 20 cases with Akira, with an average payout of $2m (£1.5m)
Unable to raise the money by September, just weeks after the cyber attack, KNP was forced to call in the administrators.
Paul Abbott is now a cyber security consultant, as well as the founder and owner of Huntingdon-based Yarrow Group, a haulage firm with a fleet of four trucks.
Speaking to MT he warned that board directors should not become complacent and assume their IT team have security covered.
“There needs to be more understanding of the risks at board level. Directors need to have a good understanding of what questions to ask and what answers to look for when it comes to cyber security.
He added: “It can be confusing as there are a lot of businesses out there professing to be experts and it can be confusing to know what you need.
“However it does not need to be expensive. There are some highly sophisticated tools out there that we never knew existed until we were hacked and those tools actually cost us less than what we had before.”
Despite installing these tools - and continuing to win new business after the attack - KNP struggled to restore financial data in time to satify its lender, which Abbott said tipped the company into administration.
The National Cyber Security Centre (NCSC) which is part of GCHQ, also features in the programme and warns that it is dealing with at least one of these cyber attacks every day and that the threat is on the increase.
Using intelligence sources, NCSC operatives try to spot attacks and eject hackers from computer systems before they can deploy ransom software.
However the number of cyber attacks are overwhelming. There were an estimated 19,000 ransomware attacks on UK businesses last year, according to the government’s cyber-security survey - and this could be the tip of the iceberg since many companies do not report attacks on their businesses.
Before going into administration in June 2023, KNP Logistics Group included subsidiaries Knights of Old, Nelson Distribution, Steve Porter Transport and Merlin Supply Chain Solutions. It operated a fleet of over 500 trucks and employed around 750 staff.
