Latest news with #KNPLogistics
Techday NZ
5 days ago
- Business
- Techday NZ
Emerging cyber threats for 2025 target healthcare & industry
New research from Secureframe has identified the five most significant emerging cyber threats for 2025, focusing on the risks posed to critical sectors including healthcare, infrastructure, and small and medium-sized businesses. The report by Secureframe analyses recent high-profile breaches along with global threat trends and highlights an environment increasingly shaped by AI-driven attacks, organised cybercrime groups, and the rapid exploitation of newly discovered vulnerabilities. Rising threats across sectors Findings within the report indicate ransomware attacks on industrial operators grew by 46% in the first quarter of 2025 alone. Healthcare breach costs have reached an average of USD $5.3 million per incident, marking a 25% increase above the next closest industry. AI-driven criminal tools are enabling the widespread use of advanced phishing schemes, deepfakes, and malware that adapts to targets in real-time. Supply chain vulnerabilities are also being targeted more frequently by cybercriminals, with third-party vendor breaches now a primary vector for large-scale attacks. One cited example was the collapse of the 158-year-old KNP Logistics due to a ransomware incident, underscoring the real-world impact on businesses of all sizes. Organised cybercrime syndicates The report lists organised criminal networks as the number one threat, noting that these groups are expanding their activities through tools such as automation and ransomware-as-a-service platforms. LockBit is highlighted as an active player despite international efforts to dismantle such organisations, while new groups, including Interlock, are emerging to mimic these operations. AI-powered attacks Attackers are leveraging generative AI to craft realistic phishing lures, create deepfakes, and generate malware that adapts in real-time. In one case, AI-generated content helped defraud over 500,000 investors in the JuicyFields scam. Such developments signify a shift in the sophistication of cyber threats, demanding equally advanced detection and response capabilities. Advanced persistent threats Nation-state actors are intensifying long-term, covert attacks primarily targeting energy providers and defence contractors. Groups such as APT33 and APT39 were particularly active across North America and Europe in 2025, with campaigns designed to evade traditional security measures for months at a time. Zero-day vulnerabilities The research outlines that previously unknown and unpatched weaknesses are being exploited at a record pace. An example in 2025 was a critical flaw in Microsoft SharePoint (CVE-2025-53770) which was actively targeted globally before vendors released a remedy. Software supply chain attacks Third-party software platforms are being leveraged as a point of entry for cyberattacks against broader enterprise ecosystems. Secureframe notes that attacks involving compromised SAP SuccessFactors providers resulted in breaches extending into sectors from healthcare to consumer goods. Industry-specific warnings The healthcare sector is seen as especially vulnerable. The report states: "With 92% of organizations reporting attacks in 2024, the sector must prioritize HIPAA-compliant training and secure offline backups." Critical infrastructure operators in the defence and energy fields are advised to implement the NIST 800-172 and CMMC 2.0 frameworks to respond to escalating threats from nation-state actors. Financial services continue to face risks associated with investment fraud and business email compromise, prompted by increasingly refined social engineering attacks. Mitigation strategies Secureframe's report includes a recommended 10-step cybersecurity playbook designed to align with NIST CSF 2.0 and ISO 27001 standards. Suggested actions consist of emergency patching, multi-factor authentication enforcement, privileged account monitoring, third-party vendor assessments, continuous threat detection, and regular employee phishing simulations and tabletop crisis exercises. Methodology The findings were generated through the examination of cybersecurity incidents across multiple industries, using case studies of attacks on healthcare organisations, infrastructure systems, and large corporations during 2024 and 2025.
&w=3840&q=100)
First Post
22-07-2025
- Business
- First Post
How a weak password destroyed a 158-year-old UK company and left 700 people jobless
KNP Logistics, one of Britain's oldest companies, collapsed after a ransomware attack exploited a weak password and hacked into its internal network. The gang of hackers, known as Akira, demanded a ransom of 5 million pounds (Rs 58 crore), which the firm couldn't pay. The transport company eventually filed for bankruptcy, leaving as many as 700 employees jobless overnight read more A gang of hackers, known as Akira, accessed the company's complete network by cracking a weak employee password and then reportedly demanded a ransome for decryption key. Image for Representation. A simple, easy-to-guess password has led to the downfall of one of Britain's oldest companies, leaving more than 700 people without jobs. KNP Logistics, a 158-year-old transportation firm, collapsed after falling victim to a ransomware attack that locked them out of their own systems. According to the BBC, hackers are believed to have accessed the company's complete network by cracking a weak employee password. Once inside, they encrypted data, froze the company's operations and asked for a huge ransom. And just like that, a company that had been around for over a century and a half was gone. STORY CONTINUES BELOW THIS AD This is not a one-off. The UK has been seeing a surge in similar attacks, and if things continue this way, authorities say this could be the worst year yet for ransomware in the country. So how exactly did this happen? And why are so many companies getting hit? Here's a closer look. How a weak password brought down the firm Back in 2023, KNP was running a fleet of 500 lorries — most of them under the well-known brand, Knights of Old. On paper, everything seemed in place. The company said its IT systems followed industry standards, and it even had cyber insurance in case of an attack. But a gang of hackers, known as Akira, got into the system, leaving staff incapable to access any of the data needed to run their business. To regain access, the hackers demanded a ransom payment in exchange for the decryption key. 'If you're reading this it means the internal infrastructure of your company is fully or partially dead…Let's keep all the tears and resentment to ourselves and try to build a constructive dialogue,' read the ransom note. A hooded man holds a laptop computer as blue screen with an exclamation mark is projected on him in this illustration picture taken on May 13, 2017. Representational Image/Reuters The hackers didn't name a price, but a specialist ransomware negotiation firm estimated the sum could be as much as 5 million pounds (Rs 58 crore). KNP didn't have that kind of money. STORY CONTINUES BELOW THIS AD In the end all the data was lost, and the company had no other option but to file for insolvency. In a surprising admission to the BBC, KNP director Paul Abbott revealed he never told the employee that their password may have led to the company's collapse. 'Would you want to know if it was you?' he said. Cyberattacks on the rise in the UK Stories like KNP's are more commonplace than you might realise. Recently, prominent UK companies, such as M&S, Co-op, and Harrods, have also fallen victim to similar attacks. In Co-op's case, the data of 6.5 million members was stolen. At M&S, hackers simply tricked IT staff by pretending to be someone they weren't. This tactic, known as blagging or pretexting, works when a hacker creates a fake backstory, builds trust, and slowly talks their way into gaining access. And that's really all it takes. 'They're just constantly finding organisations on a bad day and taking advantage,' one cyber team member from the National Cyber Security Centre (NCSC) told the BBC. 'This is organised crime,' added Paul Cashmore, a cyber expert brought in by KNP's insurers. 'There's very little progress in catching these people — but the impact is devastating.' STORY CONTINUES BELOW THIS AD And the numbers are only climbing. Suzanne Grimmer from the National Crime Agency (NCA) says ransomware attacks have nearly doubled in the past two years. 'If it continues, I predict it's going to be the worst year on record for ransomware attacks in the UK,' Grimmer added. Young gamers are turning to cybercrime Inside Government Communications Headquarters (GCHQ), where some of Britain's best cyber officers work to prevent online threats, they say cyber attacks are a growing concern. The number of cases has now up to 35–40 incidents a week, according to Grimmer. Part of the problem? Hacking is getting easier. 'You no longer need advanced tech skills to pull off a cyberattack,' Grimmer told the BBC. All it takes is a few online tools — many of them bought easily on the dark web. What's even more worrying is where the next wave of hackers is coming from. James Babbage, Director General (Threats) at the NCA, says young gamers are turning to cybercrime, often starting by using their skills to con helpdesks or customer support staff into giving access to internal systems. Once they're in, they deploy ransomware tools and shut everything down. 'It's a national security threat in its own right,' Babbage said. STORY CONTINUES BELOW THIS AD According to the UK government's cyber-security survey, there were an estimated 19,000 ransomware attacks on local businesses last year. The average ransom is around four million pounds (Rs 46 crore), and around one in three companies simply pay up to keep the ship afloat. Earlier this year, the National Audit Office warned that the cyber threat to the UK is severe and evolving fast. New government proposals suggest that public bodies could soon be banned from paying ransoms, while private firms may need to report attacks and seek permission before paying. 'Every victim needs to make their own choice,' Babbage said. 'But it's the ransom payments that are keeping this industry alive.' Back in Northamptonshire, KNP's boss Paul Abbott is now using his story as a warning. He gives talks urging businesses to tighten their defences and calls for companies to undergo mandatory checks — something like a regular 'cyber-MOT.' 'There need to be rules,' he told the BBC, 'that make you much more resilient to criminal activity.' With input from agencies
