A business is only as strong as its weakest link, and when that weak link happens to be an employee's easily guessed password, the consequences can be devastating. One such haulage company is KNP, which operates around 500 large trucks across Northamptonshire.
The attackers did not disclose the exact price of the ransomware keys, but one specialist firm estimated that KNP's losses could be as high as £5 million. Even with insurance, the money was more than the company could afford. Eventually, the KNP collapsed and hundreds of people lost their jobs.
KNP director Paul Abbott told the BBC he never told the employee whose password was weak and that the theft of their credentials led to the company's collapse. "If it were you, would you want to know?" he asked.
Cases like this are more common than you think, and cybercriminals like the ones behind the KNP incident are always looking for weaknesses in security. "They always find an organization when something is not going well and they take advantage of it," said a team member at the National Cyber Security Center named "Sam" (pseudonym).
Sam added that part of the problem is the sheer number of attackers. According to the UK government's cybersecurity survey, there were an estimated 19,000 ransomware attacks against local businesses last year. The average ransom is around £4 million, with around a third of companies paying just to stay afloat.
Despite multiple layers of protective measures, the problem continues to worsen. Suzanne Grimmer, team leader at the National Crime Agency, said the number of attacks had almost doubled in the past two years. "If this continues, I predict this will be the worst year in the history of ransomware attacks in the UK," Grimmer added.
As for Abbott, he now spends his time warning other companies about the dangers posed by cybercriminals.