Industry thought leaders comment on KP Snack attack

KP Snacks has announced it was victim of a ransomware attack recently which may lead to a shortage of crisps and snacks

KP Snacks has announced it was the victim of a cyberattack.

In a statement on its website the company said: “On Friday, 28 January we became aware that we were unfortunately victims of a ransomware incident. As soon as we became aware of the incident, we enacted our cybersecurity response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation. Our internal IT teams continue to work with third-party experts to assess the situation.  We have been continuing to keep our colleagues, customers, and suppliers informed of any developments and apologise for any disruption this may have caused.”

Cybersecurity industry thought leaders have shared their comments on the attack.

Todd Carroll, CISO, CybelAngel comments:

"It is critical that food manufacturers take a proactive cybersecurity posture and gain visibility into their supply chain. The fact is, we are seeing a significant increase in food manufacturers like KP Snacks becoming preferred targets for ransomware groups. Given the nature of consumables and the importance of food safety, this is alarming for all of us. Without a proactive cybersecurity posture and visibility into their supply chain, they risk their brand's reputation, compromised products, and extensive downtime costing tens or even hundreds of millions of pounds."

Neil Jones, Cybersecurity Evangelist, Egnyte says: 

"The KP snacks ransomware attack demonstrates that your organisation needs to make cybersecurity a Boardroom priority, if you haven't done so already. For years, cybercriminals have attacked targets for financial gain, but now we're seeing an alarming pattern of debilitating attacks on our food, critical infrastructure, and IP supply chain, which can have a crippling impact across the economy. While advocating support from your executive team, you need to implement proactive data hygiene and protective behaviours, such as patching your CVEs and hardening your databases now. It could be a real lifesaver." 

John Rodgers Principal Incident Response Consultant at F-Secure says: 

“This incident seems rather normal for a ransomware attack hitting a food manufacturing/distribution company. While it’s hard to say how long it would really take them to get back up and running, it is good to see that KP is under no illusion that it may take them at least 2 months to get back and running.”

Steve Moore, chief security strategist, Exabeam says: 

"It's unfortunate to see another organisation become one of the 400 victims and counting to be hit by Conti. Unfortunately, these groups keep getting away with these intrusions because they are experts at compromising credentials. Specifically, they utilise Mimikatz, Kerberoast to attack Kerberos, and even check for saved passwords in domain group policy files. Interestingly, they will specifically search for security policy and cyber insurance documents - showing that context matters even to the adversary!”


Featured Articles

UK police cyberattack a reminder of third party risk

Cyber criminals use back-door suppliers cyberattack to spread alarm through Britain's biggest police force

Building Cyber Resilience into ‘OT in Manufacturing’ webinar

Join Acronis' webinar, Building Cyber Resilience into ‘OT in Manufacturing’, 21st September 2023

Trustwave report on hospitality industry security threats

Nearly 31% of hospitality organisations have reported a data breach in their company’s history, according to a Trustwave cybersecurity report

Barracuda Managed XDR uses AI to uncover cyber incidents

Technology & AI

Imperva: 32% of work data breaches could have been avoided

Operational Security

Supply chain cyberattacks seen as catastrophic for business

Cyber Security