Cyberattacks continue to rise year on year, making it a necessary priority for all businesses regardless of size. This is becoming a growing concern for SMEs, as they are increasingly becoming the target for cybercriminals. In 2024, 43% of cyber attacks were targeted at SMEs, with 60% of those that fell victim having to close their doors within six months as a result. It has been recently uncovered that employees of small businesses receive a 350% higher rate of social engineered attacks than their large corporation counterparts. In today's increasingly hostile digital world, all businesses are fair game to hackers, and they know that historically SMEs have failed to prioritise cybersecurity measures. But organisations of all sizes are waking up to the reality that cyber security measures, including offline data back ups, need to take priority sooner rather than later or everything could come crashing down. As in the case of the Knights of Old, were one mistake lead to the company's dissolution in just 3 months.
“My company thrived for 150 years – then Russian hackers brought it down in 3 months. No business can ignore this threat, no matter how big or small.” - Paul Abbott, Former Group Director and Co-owner of Knights of Old.
The company was founded by William Knight in the English village of Old in 1865 as a horse and cart delivery service. Over the years and evolving with the times, the company grew into a fleet of over 400 trucks and seven depots across the UK, acquiring other logistics companies along the way and trading under the name KNP Group. Around the time of the attack, the company was considered the largest logistics company in the country, bringing in around £100 million annual revenue and employing around 900 staff across the country. KNP Group had continued plans for expansion in 2023, looking to acquire space in various parts of London.
The Day of Reckoning
“If you’re reading this, it means the internal infrastructure of your company is fully or partially dead. For now, let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue. We’re fully aware of what damage we caused by locking your internal source."
In June 2023, a Russian linked hacking gang Akira managed to infiltrate Knights' systems by simply guessing an employees password. What happened next can only be described as pure chaos. The network for managing truck deployment went down, access to their payment and booking system was compromised and their financial records were wiped clean. The gang then threatened to publish online its confidential internal data, unless they paid a ransom to receive a decryption key to release the data back. Former Group Director Paul Abbot stated that they decided not to negotiate or pay the ransom as there was no guarantee that it would be fully recovered. The hackers then published more 10,000 internal documents containing customer information, payroll and other financial information online.
The team had experienced computer failures in the past and because of this, they had already adopted an alternative way to work if another instance occurred again. Knights' temporarily reverted to writing paper tickets and job sheets along with their mobile phones and Gmail accounts while the company rebuild their systems in the background. However, the crucial financial information surrounding the business' financial records were completely wiped clean, including the back ups because the company had them stored within reach of Akira. Whilst Knights of Old had cybersecurity insurance for such an occurrence, the pay out would not of been enough to keep the company's doors open. Abbott searched for other options such as loans and a buyer to keep the company afloat. But without any record of their financial history records or performance reports, these options were no longer available to them.
The Devastating Consequences
Akira had managed to not only wipe Knights' original financial records, but also their back ups. Without this critical information to secure the necessary funding to keep the company running, there was no other alternative. After 158 years in business, KNP Group entered into administration in September 2023, only three months after the ransomware attack. This not only created a huge disruption to the logistics industry, but over 700 people lost their jobs and had their livelihoods suddenly disrupted. The overall impact was felt across the country.
William Wright, CEO of Scottish cybersecurity specialist Closed Door Security has this to say on the incident:
"It is devastating to see a ransomware attack shatter an organisation in this way, putting a renowned and decade-old business out of operation, while impacting hundreds of families across the UK because of job losses. When thinking about the threat of cybercrime, very few people understand just how bad things can be, but this is an example of the harsh, yet very real, consequences of attacks. Sometimes the financial and data losses, and business downtime are irreparable. In response to the news about KNP Logistics, it is essential other organisations take action to improve their defences against attacks to prevent ever being placed in this devastating position. These defences must be layered and proactive – reaction is not the goal. Organisations must constantly test and update their systems for vulnerabilities and actively patch them, they must train staff on attacker techniques, and they must implement tools which stop intruders reaching corporate assets or spreading through their networks."
Keeping Offline Data Back Ups
The case of the Knights of Old is a cautionary tale for all businesses, no matter your size, on the importance of cyber security and keeping back ups of your data that can not fall into the hands of cyber criminals. With World Backup Day fast approaching on March 31st we are reminded of the critical importance of securing our digital life and the perils associated with failing to back up our data. The top causes of data loss are commonly human error, hardware failure, malware, and other forms of cyberattacks. Having a plan in place to back up your data is one of the most important ways to protect information and keep data safe. Backing up ensures that even if it falls into the wrong hands, a copy of the data is retained, secure and instantly accessible.
We have a wide range of products that can suit those on a budget, with some of our hardware encrypted products starting at only £49, to desktop drives holding up to 24 TB to store both your personal and company’s most vital data in an ultra-secure, offline device.
Our datAshur PRO+C flash drive holds the distinction of being the world’s sole flash drive that has received the FIPS 140-3 Level 3 certification! It is a user-friendly USB 3.2 (Gen 1) Type-C flash drive (Type-C to Type-A adapter included) that combines ease of use with top-level security measures. It employs PIN protection and hardware encryption to safeguard your data to military-grade standards. Available in various capacities ranging from 32GB to 512GB, this innovative device ensures your information remains secure.
Our diskAshur3 range boasts the most advanced security features, recently passed the CAVP (Cryptographic Algorithm Validation Program) testing as part of the FIPS 140-3 Level 3 validation scheme that the products are currently being evaluated against. This includes three encryption modes (patent pending), and user-configurable PINs ranging from 8 to 64 digits. The new range incorporates all the essential features of other iStorage products such as ease of use, platform independence and tamper-proof sleek designs.
And our unique and patented iStorage cloudAshur hardware security module is the perfect solution for anyone wanting to securely store, share and manage data in the cloud. cloudAshur can also be used to encrypt data stored on a network drive, on a local PC/MAC and to send encrypted email attachments or data via file sharing software applications eliminating all the security vulnerabilities that exist with cloud platforms, such as lack of control, unauthorised access and human error.
Our latest products from Kanguru deliver a wide range of flash drives, hard drives, SSDs, NVMe and other ideal data storage products. Whether you are looking for the best military grade, FIPS Certified, TAA Compliant, GDPR hardware encryption products and remote management for your high security organisation, or just a simple data storage solution for the home, Kanguru has many flexible options to choose from. Kanguru also specialises in duplicators for Hard Drives, SSD, NVMe, DVD, Blu-ray and USB duplication for all types of cloning jobs whether extensive, simple one-offs, or with secure erase for meeting GDPR standards.
If you are looking to take control of your data and keep it out of the hands of cybercriminals year-round, speak to one of our company representatives now to see what would be best for you.
