Just last year, an estimated $1 billion dollars was extorted by ransomware gangs, and it has now been projected that within the next six years, these cybercriminals could collectively generate a whopping $265 billion annually. These figures are not surprising, as cases of ransomware gangs attacking large organizations in waves of sophisticated cyberattacks have been on the rise. These attacks can have bigger implications. Case in point, a new report has revealed that a ransomware attack in which a weak password was exploited has led to over 700 people losing their jobs in KNP, a 158-year-old transport company that had to cease its operations entirely.
We recently reported that the development of powerful GPUs and AI tools has given malicious actors an incredible ability to crack passwords and compromise security infrastructures. And if a password is weak, attackers can easily crack it within a few minutes. Experts explained that a weak password made the recent attack on KNP’s security infrastructure possible. After gaining access to the company’s system, they encrypted the data that is instrumental in running the company’s day-to-day activities, making it impossible for employees to do their work.
The ransomware gang linked to this attack is the Akira gang, which became infamous in 2023 for using sophisticated techniques to encrypt data and demand ransom. In the attack on KNP, however, the gang did not state the ransom’s worth; rather, they left a note which reads: “If you’re reading this it means the internal infrastructure of your company is fully or partially dead…Let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue,”
A ransomware negotiation firm has estimated that the gang would have demanded over $5 million to release the encrypted data. Since the company does not have enough money to pay the ransomware gang, KNP ceased operations.
While it may be impossible to anticipate all the tactics that hackers deploy, companies should regularly update their security architecture and educate employees on the nature of these attacks.
