Weak Password Allowed Hackers To Sink a 158-Year-Old Company (bbc.com)
- Reference: 0178433030
- News link: https://yro.slashdot.org/story/25/07/21/1957210/weak-password-allowed-hackers-to-sink-a-158-year-old-company
- Source link: https://www.bbc.com/news/articles/cx2gx28815wo
> One password is believed to have been all it took for a ransomware gang to [1]destroy a 158-year-old company and put 700 people out of work. KNP -- a Northamptonshire transport company -- is just one of tens of thousands of UK businesses that have been hit by such attacks. Big names such as M&S, Co-op and Harrods have all been attacked in recent months. The chief executive of Co-op confirmed last week that all 6.5 million of its members had had their data stolen. In KNP's case, it's thought the hackers managed to gain entry to the computer system by guessing an employee's password, after which they encrypted the company's data and locked its internal systems. KNP director Paul Abbott says he hasn't told the employee that their compromised password most likely led to the destruction of the company. "Would you want to know if it was you?" he asks. "We need organizations to take steps to secure their systems, to secure their businesses," says Richard Horne, CEO of the National Cyber Security Centre (NCSC) -- where Panorama has been given exclusive access to the team battling international ransomware gangs.
A gang of hackers, known as Akira, broke into the company's system and demanded a payment to restore the data. "The hackers didn't name a price, but a specialist ransomware negotiation firm estimated the sum could be as much as 5 million pounds," reports the BBC. "KNP didn't have that kind of money. In the end all the data was lost, and the company went under."
[1] https://www.bbc.com/news/articles/cx2gx28815wo
This is why you have offsite backup (Score:2)
If you have a small company, have a couple trusted employees (or the CEO) keep an encrypted disk at home and rotate it once a month or three.
Whut? (Score:2)
So, the hackers wrote "let's have a dialogue". Then a negotiation firm guessed "5 million pounds", and they gave up and shut down instead of trying to negotiate?
Was that for legal reasons? Scruples?
Re: (Score:3)
Surely the hackers would rather take what they could get. You pay the money and do better next time, no? I'm sure something is missing from the article.
Re: (Score:2)
Yeah it seems like there must be some details we are not getting.
Now I can imagine that the intruders did not exfil the data, just ciphered it in place. In which case they don't, and never had, access to the internal financial records. So if you tell them 'but we ain't got 5 million pounds' they might say "f*** you, you're lying, pay us or get f***ed", at which point there's nothing you can do but say "no really, the best we can possibly come up with is N pounds", and if the gangsters won't take it, well, that is the end of the
Re: (Score:1)
Yeah, the whole thing is kind of fishy. Then again the British economy is basically in tatters, so it's possible the company was on the edge and couldn't recover from even a small problem.
It's not the employee (Score:5, Insightful)
Blaming the employee for the failure of the company is wrong. The company failed because they didn't have good data management or access controls. If the password was compromised due to being "weak", then the company also didn't have good password controls.
Re: (Score:2, Interesting)
It's stupid records management policy. Company records MUST be write-once ... there should be no way for anyone (including and especially upper management or admins) to delete/modify previously created RECORDS. E.g. there should be no operational way to "delete" or "modify" existing records. If you want to "correct" an error, just write another record indicating that the previous record is wrong, etc. If you want to delete a record, write another record indicating that the older record is no more.
That's
Re: (Score:1)
> there should be no operational way to "delete" or "modify" existing records.
Technically, this is very hard to do. It's much easier to set things up so that there is no operational way to "delete" or "modify" existing records without it being obvious that something out of the ordinary is going on.
With the right level of access, there will be a way to copy everything from the existing media EXCEPT what you want deleted to new media. As long as this is easy to detect (say, CCTV recordings showing someone entered the server room, downed the server, removed the write-once media, use
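The "corrections are new records, and edits must be obvious" design described in the two comments above can be made concrete with a hash chain. The following is an added example for this thread, not code from the article or from any records system; it assumes the head hash is periodically checkpointed somewhere the server's own admins cannot write (printed, mailed off-site, or held by a second party), since a chain alone cannot detect truncation of its tail.

```python
"""Append-only, hash-chained record log: a correction or deletion is itself a
new record, and any in-place edit, removal or reordering of earlier records is
detectable on verification.

Added example for this Slashdot thread; not from the BBC article or any
records product. The off-box checkpoint (head hash) is an assumption."""
import hashlib
import json
from typing import Optional, Tuple

GENESIS = "0" * 64
_FIELDS = ("seq", "kind", "data", "refers_to")


def _digest(prev_hash: str, payload: dict) -> str:
    # Canonical JSON so the same logical record always hashes identically.
    body = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + "\n" + body).encode()).hexdigest()


class RecordLog:
    def __init__(self) -> None:
        self.entries: list = []

    def _append(self, kind: str, data: dict, refers_to: Optional[int] = None) -> int:
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        payload = {"seq": len(self.entries), "kind": kind, "data": data, "refers_to": refers_to}
        self.entries.append({**payload, "prev": prev, "hash": _digest(prev, payload)})
        return payload["seq"]

    # The only three operations: none of them edits or drops an existing entry.
    def create(self, data: dict) -> int:
        return self._append("create", data)

    def correct(self, seq: int, fields: dict) -> int:
        return self._append("correction", fields, refers_to=seq)

    def retract(self, seq: int, reason: str) -> int:
        return self._append("retraction", {"reason": reason}, refers_to=seq)

    def head(self) -> str:
        """Hash of the last entry; copy this off-box as a checkpoint."""
        return self.entries[-1]["hash"] if self.entries else GENESIS

    def verify(self, expected_head: Optional[str] = None) -> Tuple[bool, Optional[int]]:
        """Recompute the chain from genesis. Returns (ok, first bad seq).
        Without a checkpoint, cutting entries off the tail is undetectable."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            payload = {k: e[k] for k in _FIELDS}
            if e["seq"] != i or e["prev"] != prev or e["hash"] != _digest(prev, payload):
                return False, i
            prev = e["hash"]
        if expected_head is not None and prev != expected_head:
            return False, len(self.entries)
        return True, None

    def current_view(self) -> dict:
        """Materialise the latest state: corrections overlay, retractions hide."""
        view = {}
        for e in self.entries:
            if e["kind"] == "create":
                view[e["seq"]] = dict(e["data"])
            elif e["kind"] == "correction" and e["refers_to"] in view:
                view[e["refers_to"]].update(e["data"])
            elif e["kind"] == "retraction":
                view.pop(e["refers_to"], None)
        return view
```

`verify()` catches an edited, removed or reordered entry anywhere in the chain; only the off-box head hash catches someone who simply deletes the newest entries and re-presents the shorter log as complete, which is exactly the "copy everything except what you want deleted to new media" attack the comment above describes.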
Re: (Score:3)
"Password controls" are one of these stupid IT security myths pushed by the incompetent. All passwords of regular users need to be regarded as weak. If you need more, you _must_ add 2FA. There is no major security control catalog left that does not ask for 2FA for good authentication.
Re: (Score:2)
Prime time that is why they failed. They also failed because they didn't have backups to roll back to. The "weak link" was the IT department.
Wrong. (Score:5, Insightful)
Their company did not fail because of a ransomware hack.
Their company failed from not having adequate off-site backup of their data.
The cloud does absolutely nothing to protect you from needing a real disaster recovery plan, and any business that doesn't have one deserves what they plan for (or don't plan for).
Also: a backup that isn't tested is not a backup to bet your business on. Back up your shit, test your backups, and make sure there is a copy of your tested backup somewhere that a ransomware dipshit can't get to it, like LTO tapes in a closet in your office.
No. (Score:5, Insightful)
No; a weak password did not kill this company.
Management not investing in the most basic of backup systems is what killed the company.
Companies get their systems wiped out every day nowadays by ransomware hackers. Then, they pull the plug on the internet, scrub the computers, and restore from a recent backup. That is management.
This is stupidity.
Re: (Score:2)
> This is stupidity.
I would call it gross negligence instead, because you have to be entirely disconnected from the real world to not be aware of this threat.
So, no write-protected backups, no BCM and DR preparations, no strong authentication, and hence no ransomware preparedness. This is 100% on the decision makers that screwed up to an unbelievable degree.
Sorry I don't buy this excuse.. (Score:2)
> In KNP's case, it's thought the hackers managed to gain entry to the computer system by guessing an employee's password, after which they encrypted the company's data and locked its internal systems. KNP director Paul Abbott says he hasn't told the employee that their compromised password most likely led to the destruction of the company.
This would have to be the system administrator's password, and even then I would say it was poor management if they had access to all.
This is a constant fight that I have with clients. Everything needs to be easy. Security is not a consideration. Then something happens and they look for answers that don't interfere with operations. Everyone else is to blame.
If the data is that important then it should have been secured behind more than one employee's password.
Re: (Score:2)
> This would have to be the system administrator's password
No. "Lateral movement" is a thing. In fact, it is an entirely standard thing in such an attack.
How many more stories? (Score:2)
It was unthinkable to run a company without reliable backups 25+ years ago. Today I'd call it criminally negligent. How many more stories does the CIO need before s/he makes this a priority?
Just incredible how this keeps happening.
IT department did this (Score:3)
Unless the IT dept tried to implement security and proper backups and were denied, this is the IT department's fault. Some random employee with a weak password can't cause the loss of a properly implemented network.
Re: (Score:2)
And in the real world, the responsible C-levels fired anybody that was pushing for real security and replaced them with weak yes-men.
In most cases, something like this is actually the fault of the ones that hired the IT people.
Pre-computer equivalent (Score:1)
Imagine it's 1950s or earlier. You run a business that lives or dies by paper records, such as an insurance company, land office, or something similar.
Your office burns down, taking all the data with it. You don't have off-site backups (microfilm, carbon copies, or what-not). Thankfully the fire was after-hours and nobody was hurt.
Your business is probably toast, figuratively and literally. At best, you are insured and will be able to start over from scratch, but your existing customers might prefer to
I don't understand insurance, then (Score:1)
The BBC article said that they followed current cybersecurity guidelines and had cyber security insurance.
What did that "insurance" provide, exactly, in this case?
Re: (Score:2)
Well, there is "following" guidelines and there is "following" them. And they may not even have done the fake version, but just told the press they did.
As to "cyber insurance", the insurance gives you what you have a contract for if you followed the conditions in that contract. "Cyber insurance" is an entirely unspecific term and can mean basically anything.
Bottom line is, they got hit, they were unprepared and they got wiped out. I see some very high likelihood of at least gross negligence in the C-levels.
Backups often won't help (Score:3)
A ransomware group worth spit would have poisoned your backups, so when you're having your genius moment to restore from snapshot or tape backup from last month, guess what? It has ransomware as well!
This is if you actually have encrypted, off site and immutable backups that are worth poisoning. When was the last time you checked in your company how easy it is to infect backups?
This is why some EDR solutions have anti-ransomware mechanisms to secure contents before or as they're being encrypted.
This is also why you might have a managed SIEM service so when dodgy stuff happens on your network it can be caught early or reacted to before everything is crypto locked.
Also there you might look at replication solutions that will help you recover by restoring only parts of the data you know is safe based on signing or last update values.
The answer is not EDR or XDR or SIEM, replication, immutable backups etc. etc., although that's tempting.
The answer is proportional training and defence in depth, with an incident response plan to match, so that when shit happens you can take appropriate action.
As a security professional it is your job to consider the realistic risk to the company, the cost of the impact should an incident occur and how to mitigate, avoid, prevent or accept that risk. Ideally at a much lower cost.
When a CEO wants to know why money should be spent, AKA what the return on security investment is, this story and its impact should not be quoted. Instead it's better to understand the relevant risk and impact to the specific business of that CEO's company.
How much could a ransomware attack cost your business? What are the odds you'll be attacked in the next 10 years? What is the cost of mitigation per year? Should you outsource? Should you get cyber insurance? Do you need a crack team of ITsec incident response professionals?
Hire a consultant today. One thorough annual review might save you and your employees a lot.
Re: (Score:2)
Backup poisoning? AFAIK, that is a myth. Got any references for that?
What a ransomware gang does if they can reach the backups is simply delete them.
Re: (Score:2)
> A ransomware group worth spit would have poisoned your backups, so when you're having your genius moment to restore from snapshot or tape backup from last month, guess what? It has ransomware as well!
My recent backups might be infected, but my "day of compromise minus one" backups won't.
Even if my recent backups are infected, they are likely to not be ransomware-encrypted, which means they are still useful to me.
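The exchange above (test your backups, keep generations an attacker cannot reach, fall back to "day of compromise minus one") in working form. This is an added example for this thread, not code from the article or any backup product: generations are held in memory, a manifest of SHA-256 digests is authenticated with an HMAC key that is assumed to live offline with the tapes, and XOR stands in for the attacker's encryption.

```python
"""Backup generations with an offline-keyed manifest, plus a restore routine
that walks back to the newest generation that still verifies.

Added example for this Slashdot thread; not from the BBC article or any backup
product. Backups are in memory here; a real job writes blobs and manifest to
tape or an object-lock bucket and keeps MANIFEST_KEY off the network.
"""
import hashlib
import hmac
import json
from typing import Dict, List, Optional

# Assumption for the example: the MAC key lives offline (e.g. with the tapes),
# so an attacker who can rewrite the backup store still cannot forge a manifest.
MANIFEST_KEY = b"offline-demo-key-do-not-reuse"


def _sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def _manifest_mac(manifest: dict, key: bytes) -> str:
    canon = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canon, hashlib.sha256).hexdigest()


def make_backup(files: Dict[str, bytes], generation: int, key: bytes = MANIFEST_KEY) -> dict:
    manifest = {"generation": generation,
                "files": {path: _sha256(content) for path, content in sorted(files.items())}}
    return {"manifest": manifest, "manifest_mac": _manifest_mac(manifest, key), "blobs": dict(files)}


def verify_backup(backup: dict, key: bytes = MANIFEST_KEY) -> List[str]:
    """Return a list of problems; an empty list means this generation is restorable."""
    if not hmac.compare_digest(_manifest_mac(backup["manifest"], key), backup["manifest_mac"]):
        return ["manifest MAC mismatch: manifest rewritten or wrong key"]
    problems = []
    expected = backup["manifest"]["files"]
    for path, digest in expected.items():
        blob = backup["blobs"].get(path)
        if blob is None:
            problems.append(f"missing: {path}")
        elif _sha256(blob) != digest:
            problems.append(f"altered (corrupted or encrypted): {path}")
    for path in sorted(set(backup["blobs"]) - set(expected)):
        problems.append(f"not in manifest: {path}")
    return problems


def newest_restorable(generations: List[dict], key: bytes = MANIFEST_KEY) -> Optional[dict]:
    """Try the newest generation first and fall back until one verifies clean."""
    for backup in sorted(generations, key=lambda b: b["manifest"]["generation"], reverse=True):
        if not verify_backup(backup, key):
            return backup
    return None


def simulate_ransomware(backup: dict, rewrite_manifest: bool = False) -> None:
    """Attacker with write access to the backup store. XOR stands in for real
    encryption; the ransom note is the 'extra file' case. With rewrite_manifest
    the attacker also re-hashes the manifest to match, which only the MAC catches."""
    for path in list(backup["blobs"]):
        backup["blobs"][path] = bytes(b ^ 0x5A for b in backup["blobs"][path])
    backup["blobs"]["HOW_TO_RESTORE.txt"] = b"pay us"
    if rewrite_manifest:
        backup["manifest"]["files"] = {p: _sha256(c) for p, c in sorted(backup["blobs"].items())}


def demo() -> dict:
    # Constructed sample data: two nightly generations of a small record set.
    gen1 = make_backup({"ledger.csv": b"2025-01-01,INV-1,100\n", "payroll.csv": b"alice,3000\n"}, 1)
    gen2 = make_backup({"ledger.csv": b"2025-01-01,INV-1,100\n2025-01-02,INV-2,250\n",
                        "payroll.csv": b"alice,3000\n"}, 2)
    gens = [gen1, gen2]
    before = newest_restorable(gens)["manifest"]["generation"]
    simulate_ransomware(gen2)                      # latest generation encrypted in place
    problems = verify_backup(gen2)
    after = newest_restorable(gens)["manifest"]["generation"]
    simulate_ransomware(gen1, rewrite_manifest=True)  # attacker also forges the manifest
    mac_problems = verify_backup(gen1)
    return {"before": before, "after": after, "problems": problems,
            "mac_problems": mac_problems, "nothing_left": newest_restorable(gens)}
```

Two caveats the code makes visible: digests prove a generation is what you wrote, not that it is clean, so a backup taken after the intruder was already inside restores the intruder too (the "minus one" reasoning above); and if every generation the attacker could reach is gone, `newest_restorable` returns nothing, which is why at least one generation has to sit where the account that writes backups cannot delete them.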
Failure to prepare is preparing to fail. (Score:2)
Complacency and an odd loathing of "modern" technology (computers are no longer "modern" in 2025 while everyone has had decades to get familiar) among many who should know better will continue to end in tears.
I use stories like this one to remind my friends to back up their data and in at least three places (the Rule of Threes is easy for non-techies to remember).
If your business burns to the fucking ground your backup(s) should permit rapid reload from bare metal. Many Slashdotters back up our personal dat
Incompetence kills (Score:2)
And if "one bad password" is enough to kill a company, then the C-levels there screwed up massively. Probably criminally negligent at that scale.
One Punishment for This (Score:1)
Death penalty. Not only that, but public gladiatorial combat. Televised and broadcast for free. Seriously, we'll only need to do maybe 30 of these and hacking will be solved.
Backup (Score:3, Insightful)
The digital world is a cat-and-mouse game, and you don't want to be the mouse.
I'm sure a small part of the estimated 5 million pound ransom would have gotten them a decent backup system. Even a "hot spare".
Re: (Score:2)
Or hardware tokens that cannot be replicated in other continents.