'One weak password made 700 people lose their jobs' - ransomware attack is a serious warning to businesses

- Author, Richard Bilton
- Role, BBC Panorama
A weak password allowed hackers to sink a 158-year-old company.
The story is that a ransomware gang needed just one password to destroy a 158-year-old company and put 700 people out of work.
KNP is a Northamptonshire transport company, one of tens of thousands of UK businesses that have experienced such attacks.
Big names like M&S, Co-op and Harrods have all faced attacks in recent months.
The chief executive of Co-op confirmed last week that the data of all of its 6.5 million members had been stolen.
In KNP's case, it appears the hackers managed to enter its computer system by guessing the password of one of its employees.
After that they encrypted the company's data and locked its internal systems.
KNP director Paul Abbott says he has not told the employee that their compromised password most likely led to the destruction of the company.
"If it were you, would you want to know?" he asks.
"We need organisations to take steps to secure their systems, to secure their businesses," says Richard Horne, CEO of the National Cyber Security Centre (NCSC), where Panorama was given exclusive access to the team battling international ransomware gangs.
One small mistake
In 2023, KNP was running 500 lorries, most of them under the brand name Knights of Old.
The company says its IT complied with industry standards and it had taken out insurance against cyber-attack.
But a gang of hackers known as Akira got into the system, leaving staff unable to access any of the data they needed to run the business.
The only way to get the data back, according to the hackers, was to pay.

"If you're reading this it means the internal infrastructure of your company is fully or partially dead… Let's keep all the tears and anger to ourselves and try to build a constructive dialogue," the ransom message said.
The hackers did not name a price, but a specialist ransomware negotiation company estimates the sum could be as much as £5m.
KNP did not have that kind of money. In the end it lost all the data, and the company closed.

The National Cyber Security Centre (NCSC) says its goal is "to make the UK the safest place to live and work online". It says it deals with a major attack every day.
The NCSC is part of GCHQ, one of the UK's three main security services alongside MI5 and MI6.
The hackers are not doing anything new, says "Sam" (not his real name), who runs an NCSC team that deals with day-to-day attacks.
They are just looking for a weak link, he tells Panorama.
"They're just constantly finding organisations on a bad day and then taking advantage of them."
Using intelligence sources, NCSC operatives try to spot attacks and eject hackers from computer systems before they can deploy ransom software.
"Jake" (not his real name) was on night duty during a recent incident when hackers were stopped.
"You understand the scale of what is happening and you want to reduce the harm," he says. "It makes you happy in a way, especially if we succeed."
But the NCSC can only provide one layer of protection, and ransomware is a growing and lucrative crime.
"Part of the problem is that there are a lot of attackers," says Sam. "There aren't many of us."
Statistics are hard to come by because companies do not report attacks or whether they pay ransoms.
However, the estimate is that there were as many as 19,000 ransomware attacks on UK businesses last year, according to a government cyber-security survey.
Industry research suggests the typical UK ransom demand is about £4m and that about one third of companies simply pay.

"We have seen a wave of criminal cyber-attacks over the last few years," says Richard Horne, the NCSC's CEO. He denies that criminals are winning, but says companies need to improve their cyber-security.
If prevention fails, it is the job of another team of officers, at the National Crime Agency (NCA), to catch offenders.
Hacking is on the rise because it is a lucrative crime, says Suzanne Grimmer, who heads a team at the NCA.
Her unit carried out the initial assessment into the M&S hack.

Incidents have almost doubled to about 35-40 a week since she took over the unit two years ago, Grimmer says.
"If it continues, I predict it's going to be the worst year on record for ransomware attacks in the UK."
Hacking is becoming easier and some of the tactics do not even involve a computer, such as ringing an IT helpdesk to gain access.
This has lowered the barrier for potential attacks, Grimmer says: "These criminals are far more able to access tools and services that you don't need a specific technical skill set for."
The M&S hackers broke into the company's system by blagging, or tricking, their way in.
This caused disruption to shoppers as deliveries were delayed, some shelves were left empty, and customer data was stolen.
James Babbage, Director General (Threats) at the NCA, says this is characteristic of a younger generation of hackers, who are now "getting into cybercrime probably through gaming".

"They're recognising that the kind of skills they have can be used to deceive help desks and the like into getting access into companies."
Once inside, the hackers can use ransom software bought on the dark web to steal data and lock computer systems.
Ransomware is the most significant cyber-crime threat we face, Babbage says.
"It's a national security threat, both here and throughout the world."
Others have come to the same conclusion.
In December 2023, Parliament's Joint Committee on the National Security Strategy warned there was a high risk of a "catastrophic ransomware attack at any moment".
Earlier this year, the National Audit Office produced a report which said the threat to the UK was severe and advancing quickly.
Companies need to "think about cyber-security in all the decisions they make", says Richard Horne at the NCSC.
Babbage says he would also discourage victims from paying ransoms.
"Every victim needs to make their own choice, but it is the paying of ransoms which fuels this crime," he says.
The government has proposed banning public organisations from paying ransoms.
Private companies may have to report ransom attacks and get government permission to pay up.
Back in Northamptonshire, Paul Abbott of KNP now gives talks warning other businesses about the cyber threat.
He thinks companies should have to prove they have up-to-date IT protection, something like a "cyber-MOT".
"There need to be rules that make you much more resilient to criminal activity," he says.
However, many companies are simply choosing not to report the crime and just pay the criminals, says Paul Cashmore, a cyber-specialist brought in by KNP's insurers.
When faced with losing everything, companies give in to the gangs.
"This is organised crime," he says. "I think very little progress has been made against the criminals, but it is devastating."










