Industry thought leaders comment on KP Snack attack

Share
KP Snacks has announced it was victim of a ransomware attack recently which may lead to a shortage of crisps and snacks

KP Snacks has announced it was the victim of a cyberattack.

In a statement on its website the company said: “On Friday, 28 January we became aware that we were unfortunately victims of a ransomware incident. As soon as we became aware of the incident, we enacted our cybersecurity response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation. Our internal IT teams continue to work with third-party experts to assess the situation.  We have been continuing to keep our colleagues, customers, and suppliers informed of any developments and apologise for any disruption this may have caused.”

Cybersecurity industry thought leaders have shared their comments on the attack.

Todd Carroll, CISO, CybelAngel comments:

"It is critical that food manufacturers take a proactive cybersecurity posture and gain visibility into their supply chain. The fact is, we are seeing a significant increase in food manufacturers like KP Snacks becoming preferred targets for ransomware groups. Given the nature of consumables and the importance of food safety, this is alarming for all of us. Without a proactive cybersecurity posture and visibility into their supply chain, they risk their brand's reputation, compromised products, and extensive downtime costing tens or even hundreds of millions of pounds."

Neil Jones, Cybersecurity Evangelist, Egnyte says: 

"The KP snacks ransomware attack demonstrates that your organisation needs to make cybersecurity a Boardroom priority, if you haven't done so already. For years, cybercriminals have attacked targets for financial gain, but now we're seeing an alarming pattern of debilitating attacks on our food, critical infrastructure, and IP supply chain, which can have a crippling impact across the economy. While advocating support from your executive team, you need to implement proactive data hygiene and protective behaviours, such as patching your CVEs and hardening your databases now. It could be a real lifesaver." 

John Rodgers Principal Incident Response Consultant at F-Secure says: 

“This incident seems rather normal for a ransomware attack hitting a food manufacturing/distribution company. While it’s hard to say how long it would really take them to get back up and running, it is good to see that KP is under no illusion that it may take them at least 2 months to get back and running.”

Steve Moore, chief security strategist, Exabeam says: 

"It's unfortunate to see another organisation become one of the 400 victims and counting to be hit by Conti. Unfortunately, these groups keep getting away with these intrusions because they are experts at compromising credentials. Specifically, they utilise Mimikatz, Kerberoast to attack Kerberos, and even check for saved passwords in domain group policy files. Interestingly, they will specifically search for security policy and cyber insurance documents - showing that context matters even to the adversary!”


Share

Featured Articles

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

AI cybersecurity firm Darktrace reveals increase in brand impersonation attacks targeting retailers, with holiday-themed phishing attacks rising 327%

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security

SAVE THE DATE – Cyber LIVE London 2025

Cyber Security