In June 2023, Knights of Old, a venerable haulage company with a 160-year legacy based in Kettering, Northamptonshire, fell victim to a devastating ransomware attack. This cyber assault led to the company’s administration and the unfortunate loss of 730 jobs, underscoring the severe impact such incidents can have on businesses, regardless of their size or history.
The Attack and Its Immediate Consequences
The ransomware, identified as Akira, infiltrated Knights of Old’s IT infrastructure, corrupting critical financial data and leaving a ransom note embedded within the system. Despite the company’s confidence in its security protocols, the attack rendered essential data inaccessible, crippling operations. Paul Abbott, a board member at Knights of Old, expressed his dismay:
We felt we were in a very good place in terms of our security, our protocols, the measures we’d gone to protect the business.
The corruption of key financial information prevented the company from meeting reporting deadlines set by lenders, ultimately forcing it into administration. This incident highlights the critical importance of not only implementing robust cybersecurity measures but also ensuring their continuous evaluation and enhancement.
Broader Implications for the Logistics Sector
The logistics industry, heavily reliant on digital systems for tracking and managing supply chains, is particularly susceptible to cyber threats. The collapse of Knights of Old serves as a stark reminder of the vulnerabilities inherent in the sector. Cybersecurity expert Tash Buckley from Cranfield University emphasized the existential threat such attacks pose to smaller companies:
For smaller companies, it’s more of an existential issue. They don’t have the kind of finances that M&S have to get experts in.
This sentiment underscores the necessity for businesses of all sizes to invest in comprehensive cybersecurity strategies and to remain vigilant against evolving threats.
The Rise of Ransomware Attacks
Ransomware attacks have been on the rise, with cybercriminals employing increasingly sophisticated methods to infiltrate systems. The Akira ransomware, which emerged in March 2023, has targeted over 250 entities, reportedly amassing up to $42 million. Security analysts note that Akira typically exploits organizations running VPN services without multi-factor authentication (MFA). This highlights the critical importance of implementing MFA and other security measures to protect against such threats.
Recommendations for Businesses
In light of this incident, cybersecurity experts recommend several measures to bolster defenses against ransomware attacks:
1. Implement Multi-Factor Authentication (MFA): Enforce MFA for all remote access and cloud applications to add an extra layer of security.
2. Maintain Secure Backups: Ensure off-site, air-gapped, immutable backups with separate standalone non-domain authentication to safeguard critical data.
3. Regular Security Assessments: Conduct continuous evaluations of IT infrastructure to identify and remediate vulnerabilities.
4. Employee Training: Educate staff on recognizing phishing attempts and other common cyber threats to reduce the risk of human error leading to breaches.
The National Cyber Security Centre advises organizations to prioritize remediating known exploited vulnerabilities and to enable multi-factor authentication for all services. They emphasize the importance of routine engagement with various organizations to address the cyber threats that the UK faces.
A Cautionary Tale
The downfall of Knights of Old serves as a cautionary tale for businesses across all sectors. Paul Abbott’s final warning resonates with increasing urgency:
Whatever you think you’ve done, seriously get it checked by experts. People don’t think it’s going to happen to them.
This statement underscores the necessity for continuous vigilance and proactive measures in the ever-evolving landscape of cyber threats.
