Hacker collective Akira breaches a century-and-a-half old transportation company using a single swiped password, revealing the method behind the sabotage
In a series of recent cyberattacks, British retail giants Marks & Spencer (M&S), Harrods, and the Co-op, along with transport company KNP, have fallen victim to ransomware attacks. However, the hacking group responsible for the attacks on M&S, Harrods, and Co-op has not been identified as Akira, unlike the attack on KNP.
The ransomware attacks on these businesses resulted in critical data being encrypted and internal systems being locked, causing disruptions to their operations. KNP, unfortunately, was unable to recover from the attack, leading to its shutdown and the loss of jobs for 700 employees. The data of 6.5 million members has been stolen from these businesses, although the identity of the companies whose data was stolen has not been revealed by the National Cyber Security Centre (NCSC) or the National Crime Agency (NCA).
The NCSC and NCA have not disclosed the amount of ransom demanded in the attacks on M&S, Harrods, and Co-op. In contrast, Akira sent a ransom note to KNP, demanding an estimated £5 million, a sum that KNP could not pay.
The attack on KNP was carried out by hackers who are suspected to have gained access to the company's computer systems by stealing an employee's password. The identity of the employee whose password was compromised has not been revealed.
The ransomware attack on KNP serves as a stark reminder of the importance of strong password security and a comprehensive security strategy for businesses. Key password-related practices highlighted in the context of ransomware defense include using strong, unique passwords and enforcing multi-factor authentication (MFA), regularly updating and auditing credentials, implementing password managers, combining password security with layered technological defenses, conducting regular staff training and awareness, planning for quick detection and incident response, and maintaining immutable backups.
Suzanne Grimmer from the NCA warns that the problem of ransomware attacks is only getting worse, with the National Crime Agency reporting that ransomware attacks have doubled to around 35-40 cases a week in the past two years. Businesses can protect themselves from ransomware attacks by implementing a comprehensive security strategy centered on prevention, protection, detection, and response, with strong password security measures being a critical component.
Despite the attacks on M&S, Harrods, and Co-op not resulting in the loss of jobs or the shutdown of the companies, unlike KNP, the incidents highlight the increasing threat of cyberattacks to UK businesses. Organizations ignoring password hygiene and multifactor authentication typically face greater ransomware risks.
The disruptions caused by the ransomware attacks on M&S, Harrods, and Co-op highlight the threat of cyberattacks to UK businesses, emphasizing the significance of technology like multi-factor authentication in cybersecurity. Despite the stolen data, no companies have been identified among the general-news victims, underscoring the importance of strong smartphone and password security, especially in the era of increasing crime-and-justice associated with such attacks.
