KP Snacks has announced it was the victim of a cyberattack.
In a statement on its website the company said: “On Friday, 28 January we became aware that we were unfortunately victims of a ransomware incident. As soon as we became aware of the incident, we enacted our cybersecurity response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation. Our internal IT teams continue to work with third-party experts to assess the situation. We have been continuing to keep our colleagues, customers, and suppliers informed of any developments and apologise for any disruption this may have caused.”
Cybersecurity industry thought leaders have shared their comments on the attack.
Todd Carroll, CISO, CybelAngel comments:
"It is critical that food manufacturers take a proactive cybersecurity posture and gain visibility into their supply chain. The fact is, we are seeing a significant increase in food manufacturers like KP Snacks becoming preferred targets for ransomware groups. Given the nature of consumables and the importance of food safety, this is alarming for all of us. Without a proactive cybersecurity posture and visibility into their supply chain, they risk their brand's reputation, compromised products, and extensive downtime costing tens or even hundreds of millions of pounds."
Neil Jones, Cybersecurity Evangelist, Egnyte says:
"The KP snacks ransomware attack demonstrates that your organisation needs to make cybersecurity a Boardroom priority, if you haven't done so already. For years, cybercriminals have attacked targets for financial gain, but now we're seeing an alarming pattern of debilitating attacks on our food, critical infrastructure, and IP supply chain, which can have a crippling impact across the economy. While advocating support from your executive team, you need to implement proactive data hygiene and protective behaviours, such as patching your CVEs and hardening your databases now. It could be a real lifesaver."
John Rodgers Principal Incident Response Consultant at F-Secure says:
“This incident seems rather normal for a ransomware attack hitting a food manufacturing/distribution company. While it’s hard to say how long it would really take them to get back up and running, it is good to see that KP is under no illusion that it may take them at least 2 months to get back and running.”
Steve Moore, chief security strategist, Exabeam says:
"It's unfortunate to see another organisation become one of the 400 victims and counting to be hit by Conti. Unfortunately, these groups keep getting away with these intrusions because they are experts at compromising credentials. Specifically, they utilise Mimikatz, Kerberoast to attack Kerberos, and even check for saved passwords in domain group policy files. Interestingly, they will specifically search for security policy and cyber insurance documents - showing that context matters even to the adversary!”