Ancient firm shut down following a ransomware incident triggered by a single correctly guessed password, resulting in 700 job losses as cybercriminals demand an excessive ransom
In a shocking turn of events, a 158-year-old UK-based transportation company, Knights of Old (KNP), has succumbed to a devastating ransomware attack. As reported by the BBC, the attackers have been identified as the notorious 'Akira' group.
The ransom demand, estimated to be as high as £5 million ($6.74 million), has proven insurmountable for KNP, a sum the company reportedly does not have. The catastrophic breach, triggered by hackers guessing a single employee's weak password, has led to the shutdown of the logistics firm and the loss of 700 jobs, despite existing IT security standards and insurance.
The incident has sparked a wave of proposals aimed at improving cybersecurity hygiene in the UK. These proposals focus on addressing vulnerabilities such as weak passwords, employee awareness, and reinforcing digital defenses across businesses.
One of the key recommendations is the implementation of stronger password policies, including multi-factor authentication (MFA) and eliminating reliance on single or weak passwords. The importance of enhancing employee cybersecurity training has also been emphasized, with a focus on raising staff awareness about credential security and phishing risks.
In addition, there is a call for comprehensive incident preparedness and response planning, moving beyond basic IT compliance and insurance to develop robust cybersecurity frameworks that enable data recovery and minimize operational disruption. Regular security audits and penetration testing are also suggested to identify and patch system vulnerabilities before they are exploited.
The UK government's National Cyber Security Centre (NCSC) is actively involved in these efforts, advocating for strengthening digital defenses by addressing weak points that hackers routinely exploit rather than novel attack methods.
In response to the growing problem of ransomware attacks in the UK, proactive measures are being proposed. These include banning public bodies from paying ransoms and enforcing private companies' reporting of ransoms to the government.
The collapse of KNP serves as a stark reminder of the potential consequences of a successful ransomware attack. As such, expert advice increasingly stresses multifactor authentication, employee training, rigorous system testing, and stronger contingency planning as essential steps in cybersecurity hygiene reform.
It is also suggested that companies should have regular independent cyber-audits to ensure a minimum standard of cybersecurity hygiene. A Panorama documentary, released this week, provides additional details about the scope of the cyberattack on KNP.
As of July 22, 2025, around 500 KNP trucks remain off the road, a testament to the far-reaching impact of the attack. The hackers encrypted and locked KNP's operational data and demanded a ransom, leaving a chilling ransom note stating that all internal infrastructure of the company was fully or partially dead.
The UK government's NCSC is working towards making the UK one of the safest places for online activity, with the ultimate goal of reducing the risk of simple compromises triggering widespread business failures and improving resilience against ransomware gangs.
- Despite the existing IT security standards and insurance, the Knights of Old (KNP) incident underscores the need for businesses to prioritize improving cybersecurity hygiene, particularly through implementation of stronger password policies, such as multi-factor authentication, and more rigorous employee cybersecurity training.
- In light of the KNP incident, there is a push for UK companies to incorporate comprehensive incident preparedness and response planning, including regular security audits and penetration testing, to reduce business disruption caused by ransomware attacks.
