Ransomware Gang Destroys A 158-Year-Old Company And A Weak Password Is To Blame
We recently reported that the development of powerful GPUs and AI tools has given malicious actors an incredible ability to crack passwords and compromise security infrastructures. And if a password is weak, attackers can easily crack it within a few minutes. Experts explained that a weak password made the recent attack on KNP's security infrastructure possible. After gaining access to the company's system, they encrypted the data that is instrumental in running the company's day-to-day activities, making it impossible for employees to do their work.
The ransomware gang linked to this attack is the Akira gang, which became infamous in 2023 for using sophisticated techniques to encrypt data and demand ransom. In the attack on KNP, however, the gang did not state the ransom's worth; rather, they left a note which reads: "If you're reading this it means the internal infrastructure of your company is fully or partially dead…Let's keep all the tears and resentment to ourselves and try to build a constructive dialogue,"
A ransomware negotiation firm has estimated that the gang would have demanded over $5 million to release the encrypted data. Since the company does not have enough money to pay the ransomware gang, KNP ceased operations.
The incidence of ransomware attacks has continued to gain momentum. We've reported on the activities of the Clop and the Scattered Spider Ransom groups, which usually employ social engineering tactics to lure victims. It is worth noting that the more victims pay attackers to regain control over their data, the more emboldened these gangs become.
Although fear among victims is a major driver of these payments, it's sadly not the only reason. This fear, coupled with the complicity of some negotiators, makes stopping these payments a major challenge. For instance, we reported that an ex-employee of a cybersecurity firm was under investigation over allegations that he was colluding with hackers to the detriment of victims. In that same report, we highlighted the findings that revealed some cybersecurity firms were simply paying ransom instead of helping victims gain access to data without paying ransom.
While it may be impossible to anticipate all the tactics that hackers deploy, companies should regularly update their security architecture and educate employees on the nature of these attacks.
