Weak Password Destroys 158-Year-Old UK Transport Company: Akira Ransomware Claims 700 Jobs
In 2023, one of the United Kingdom’s oldest transport companies—established 158 years ago—declared bankruptcy following a devastating ransomware attack. The cyber assault brought the operations of Knights of Old (also known as KNP) to a standstill, immobilizing over 500 lorries and resulting in the loss of 700 jobs. According to a report by the BBC, the attack was orchestrated by the cybercriminal group known as Akira.
The attackers infiltrated the company’s internal systems through a glaring instance of human error. An employee had set a password so weak it was guessed on the very first attempt. The identity of this vulnerable link was not disclosed by KNP management. Once inside, the hackers encrypted the company’s operational data and demanded a ransom for its decryption.
The ransom note was brazenly cynical. It stated that if the message was visible, it meant the company’s internal infrastructure was dead—completely or partially. The hackers then invited the victims to “not cry or take offense,” but instead attempt to “establish a constructive dialogue.”
As revealed in the BBC’s Panorama documentary, KNP had a cyber insurance policy in place, and the specialist response team from Solace Global was dispatched immediately. According to expert Paul Cashmore, the team arrived on-site the day after the attack and quickly determined that the company’s entire data infrastructure had been encrypted. Servers, backups, and even the disaster recovery system had been annihilated. Furthermore, every employee’s device had been compromised. It was, he noted, the worst-case scenario imaginable.
An external consultancy assessed the potential ransom demand at up to £5 million—an insurmountable figure for KNP. The documentary makes it clear: the company simply did not possess the funds to pay.
A spokesperson for the UK’s National Cyber Security Centre commented on the incident, affirming that the agency remains committed to making the UK one of the safest countries in the world for online activity. However, they acknowledged that ransomware attacks—where criminals profit directly from their victims—are becoming alarmingly frequent.
A study cited by the BBC indicates that the average ransom demand made to UK companies stands at approximately £4 million. In that light, the demand faced by KNP was, disturbingly, within the bounds of what has become standard practice in such attacks.