A specialist firm estimated the ransom demand could have been as high as £5 million, which the company could not afford.
A ransomware attack has forced UK logistics firm Knights of Old into collapse.
The 158-year-old company was traced back to a weak employee password that hackers guessed, allowing them to infiltrate systems and encrypt all data, according to Tom's Hardware.
The ransom note left behind described the company's infrastructure as "fully or partially dead" and demanded payment for data recovery. Its insurer, Solace Global, found that not only were the servers and backups encrypted, but all endpoints had been compromised, leaving no recovery path.
A specialist firm estimated the ransom demand could have been as high as £5 million, which the company could not afford.
Tim Ward, CEO and co-founder, Redflags from ThinkCyber, commented: “The destruction of KNP, formally Knights of Old, is a truly sad cybersecurity tale, but it is also a tale of simple cyber hygiene issues having a critical impact.
“Whilst a small organisation, I’d still be very surprised if staff hadn’t had some sort of traditional security awareness training. The fact is these approaches, especially in small organisations, tend to tick a box and nothing else. It's not about doing “more” training, but about examining what is effective, which means understanding how people truly learn and behave when they use their IT.”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
