160-Year-Old IT Firm Closed Following Ransomware Attack: Director Sounds Alarm

A devastating ransomware attack has forced Knights of Old, a 160-year-old haulage firm based in Kettering, Northamptonshire, into administration, resulting in 730 job losses and prompting a stark warning from its director to other businesses.

Paul Abbott, who served on the board at Knights of Old, revealed that despite believing they had robust security measures in place, the company was crippled by the Akira ransomware attack that corrupted critical financial data in June 2023. 

“We felt we were in a very good place in terms of our security, our protocols, the measures we’d gone to protect the business,” Abbott stated.

Ransomware Takes Down a Historic Firm

BBC reports that the attack left a ransom note buried in the company’s IT systems and devastated operations at the logistics firm that had been operating since 1865. 

Despite efforts to maintain operations manually, the damage to key data made it impossible for Knights of Old to meet financial reporting deadlines set by lenders, ultimately forcing the company into administration.

“There are hundreds of businesses being compromised. The issue is the reputational damage,” Abbott warned.

His cautionary message comes as retail giants Marks & Spencer and the Co-op currently battle significant disruptions after being targeted by cybercriminals reportedly using DragonForce ransomware.

The logistics sector is particularly vulnerable to these attacks due to its heavy reliance on digital systems tracking goods throughout supply chains. 

Knights of Old parent company KNP Logistics Group suffered what administrators called a “major ransomware attack” that “affected key systems, processes and financial information”. 

This “adversely impacted” the group’s financial position and ability to secure additional investment.

Cybersecurity expert Tash Buckley from Cranfield University emphasized that while larger companies may have resources to recover, smaller businesses face existential threats from such attacks. 

“For smaller companies, it’s more of an existential issue. They don’t have the kind of finances that M&S have to get experts in,” she explained.

Security analysts note that Akira typically targets organizations running VPN services without multi-factor authentication. 

Since emerging in March 2023, the ransomware-as-a-service operation has impacted over 250 entities and reportedly earned up to $42 million.

Paul Cashmore, from the incident response team Solace Cyber, who worked with Knights of Old, recommends businesses implement “MFA – Multifactor authentication enforced for all remote access and cloud apps” and maintain “off-site, air-gapped, immutable backups with separate standalone non-domain authentication”.

The National Cyber Security Centre advises organizations to prioritize remediating known exploited vulnerabilities and enable multi-factor authentication for all services, while reinforcing that they routinely engage with a whole range of organisations about the cyber-threats that the UK faces.

Abbott’s final warning resonates with increasing urgency: “Whatever you think you’ve done, seriously get it checked by experts. People don’t think it’s going to happen to them.”

Setting Up SOC Team? – Download Free Ultimate SIEM Pricing Guide (PDF) For Your SOC Team -> Free Download

The post 160-Year-Old IT Firm Closed Following Ransomware Attack: Director Sounds Alarm appeared first on Cyber Security News.