1 weak password, 700 jobs lost: How a ransomware attack destroyed 158-year-old UK firm


A single compromised password is believed to have brought down one of Britain’s oldest logistics companies — KNP, formerly known as Knights of Old — forcing it to shut operations and lay off 700 employees. The ransomware gang Akira is suspected of breaking into the company’s systems in 2023, encrypting all its data and demanding a multi-million-pound ransom.

According to a BBC investigation, the breach was likely the result of hackers guessing an employee’s password, giving them access to KNP’s internal infrastructure. From there, the gang crippled operations, locking staff out of critical systems. “If you’re reading this it means the internal infrastructure of your company is fully or partially dead,” read the ransom note left behind. No ransom amount was specified, but a specialist firm estimated it could have been as high as £5 million. KNP didn’t pay and lost everything.

The company had insurance and believed it had met IT security standards. But that wasn’t enough. “Would you want to know if it was you?” KNP director Paul Abbott said, explaining he never told the employee whose password was likely the entry point. “One small mistake,” he reflected, “was all it took.”

KNP’s collapse is part of a wider epidemic. The UK faced an estimated 19,000 ransomware attacks in 2023, with criminal groups also targeting major retailers like M&S, Co-op, and Harrods. The Co-op CEO confirmed last week that data from all 6.5 million members had been stolen. Suzanne Grimmer from the National Crime Agency (NCA) told the BBC that hacking incidents had almost doubled to 35–40 per week.

What makes today’s cybercriminals particularly dangerous is their evolving toolkit. Grimmer noted that hacking no longer requires advanced coding skills — attackers now “blag” their way in by tricking IT helpdesks or purchasing ransomware tools on the dark web. It’s social engineering, not just software, doing the damage.

National Cyber Security Centre (NCSC) officials told Panorama they are now tracking major cyber incidents daily. James Babbage, Director General of Threats at the NCA, warned of a rising generation of hackers emerging from online gaming circles. “They’re recognising that their sort of skills can be used to con help desks and the like into getting access into companies.”

The UK government has proposed banning public sector ransom payments and may require private companies to report attacks and seek approval before paying. But enforcement and prevention remain patchy.

KNP’s Abbott is now on a mission to prevent others from suffering the same fate. He advocates a “cyber-MOT” system where businesses must regularly prove their IT defences meet standards. Meanwhile, insurers and cyber-specialists like Paul Cashmore say many companies, fearing collapse, simply pay and stay silent.

“This is organised crime,” Cashmore said. “There is very little progress against catching the perpetrators, but it’s devastating.”




