UK logistics firm suffers ransomware attack, leading to insolvency and job losses

UK Logistics Giant Cites Ransomware Attack for Financial Woes and 730 Job Losses

In a significant development in the world of logistics, KNP Logistics, recognised as one of the UK's largest privately-owned logistics companies, declared insolvency, attributing its financial downfall to a ransomware attack that transpired in June.

The fallout from this insolvency process will result in approximately 730 employees facing redundancy. However, a silver lining emerges as one of the group's core entities has been successfully sold, preserving around 170 jobs.

This incident sheds light on the severe threat posed by ransomware attacks, underlining the warning from experts about the potential devastation they can wreak on businesses. Nonetheless, it's essential to note that KNP Logistics Group was grappling with financial difficulties even before the ransomware attack, as pointed out by Raj Mittal, the joint administrator overseeing the insolvency proceedings.

Mittal stated, "Against a backdrop of challenging market conditions and without being able to secure urgent investment due to the attack, the business was unable to continue. We will support all affected staff through this difficult time."

Administrators shed light on the ransomware attack, stating the "major ransomware attack…affected key systems, processes and financial information. This adversely impacted on the financial position of the Group and ultimately, its ability to secure additional investment and funding."

Back in June, KNP Logistics Group, operating under various names, including Knights of Old, fell victim to the Akira ransomware gang's assault.

In a positive turn of events, cybersecurity firm Avast publicly released a decryptor for the Akira ransomware in July, providing a glimmer of hope for the numerous victims targeted since the gang's emergence in the spring. It's worth noting that the decryptor had previously been privately circulated among incident responders.

The extent to which KLP Logistics could have utilised the decryptor remains uncertain. When asked about whether KLP had reached out to law enforcement or an external incident response firm following the ransomware attack, a spokesperson for the company's administrators did not respond to inquiries from Recorded Future News.

This incident aligns with concerns raised earlier this year by the National Cyber Security Centre and the Information Commissioner's Office (ICO), who jointly expressed growing apprehension that ransomware victims were concealing incidents from both law enforcement and regulatory authorities.

Last year saw a staggering rise in reported ransomware attacks on UK organisations, reaching record levels. Criminals successfully compromised data belonging to potentially more than 5.3 million individuals across over 700 organisations, according to a dataset that regrettably received little attention when published by the ICO.

The data also disclosed that numerous cyber incidents had affected the transport and leisure sector in the UK since April 2019. While data for 2023 is not yet available, UK Security Minister Tom Tugendhat recently emphasised that the UK remains a prime target for cybercriminals, with their attempts to disrupt hospitals, schools, and businesses wreaking havoc and incurring significant costs to taxpayers.

An NCSC spokesperson emphasized, "Ransomware is one of the most significant cyber threats facing the UK and attacks can have far reaching impact. The NCSC has published free and actionable advice for organisations of all sizes on how to put robust defences in place to protect their networks."