Hacking
Greg Martínez/Unsplash

Over 700 workers were left jobless after Russian hackers gained entry to their company's computer systems by guessing a weak password and blocking them from accessing any of their data.

KNP, the 158-year-old transport company formerly known as Knights of Old, is one of thousands of UK businesses that have been hit by ransomware attacks.

Their systems were hacked in 2023 by a Russian hacking group known as Akira, which entered their database by guessing one employee's password.

KNP director Paul Abbott said on a new episode of BBC's Panorama that he hasn't told the employee that their password was what resulted in the loss of the company.

'Would you want to know if it was you?' he asked.

Following more recent ransomware attacks on major companies like M&S, Co-op and Harrods, the government has announced a crackdown on cyber criminals with ransomware measures.

Hackers Leave Chilling Ransom Note

Despite KNP claiming their IT met industry standards and that they'd taken out insurance against cyber-attacks, Akira was able to rob them of all their data, with the only way to get it back being to pay the hackers.

'If you're reading this it means the internal infrastructure of your company is fully or partially dead...Let's keep all the tears and resentment to ourselves and try to build a constructive dialogue,' the ransom note read.

A price wasn't named by Akira but ransomware negotiation specialists estimated the sum could be as high as £5 million ($6.7 million).

Without the money to pay that kind of demand, KNP's data was lost and the company went under.

The Worst Year for Ransomware Attacks Yet?

Suzanne Grimmer, a team leader at the National Crime Agency, said incidents have almost doubled to between 35 and 40 per week since she took over her unit two years ago.

'If it continues, I predict it's going to be the worst year on record for ransomware attacks in the UK,' she told Panorama.

Currently, companies don't have to report ransomware attacks or if they pay off the hackers, making statistics hard to determine. However, a government cyber-security survey suggests that 19,000 UK businesses suffered from ransomware attacks last year.

It's estimated that a third of businesses simply pay the ransom, with the typical UK ransom sum sitting at around £4 million ($5.3 million).

Government Crackdown On Ransomware Attacks

The UK Government announced a crackdown on ransomware attacks following the Panorama episode, which aired on BBC One on Monday night.

'Ransomware is estimated to cost the UK economy millions of pounds each year, with recent high-profile ransomware attacks highlighting the severe operational, financial, and even life-threatening risks,' the Home Office said.

They have proposed placing a ban on public sector bodies and operators of critical national infrastructure from paying ransom demands to cyber criminals. This includes the NHS, local councils, and schools.

Companies not included in the ban would be required to inform the government of any plans they have to pay ransom demands.

'The government could then provide those businesses with advice and support, including notifying them if any such payment would risk breaking the law by sending money to sanctioned cyber criminal groups, many of whom are based in Russia,' the Home Office explained.

Measures are also being taken to make reporting ransom attacks mandatory to allow UK intelligence the opportunity to hunt down the criminals.

'Ransomware is a predatory crime that puts the public at risk, wrecks livelihoods and threatens the services we depend on,' Security Minister Dan Jarvis said.

'By working in partnership with industry to advance these measures, we are sending a clear signal that the UK is united in the fight against ransomware,' he concluded.

Writer's pick
Hackers Cyberattack UK government