Industry thought leaders comment on KP Snack attack

KP Snacks has announced it was victim of a ransomware attack recently which may lead to a shortage of crisps and snacks

KP Snacks has announced it was the victim of a cyberattack.

In a statement on its website the company said: “On Friday, 28 January we became aware that we were unfortunately victims of a ransomware incident. As soon as we became aware of the incident, we enacted our cybersecurity response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation. Our internal IT teams continue to work with third-party experts to assess the situation.  We have been continuing to keep our colleagues, customers, and suppliers informed of any developments and apologise for any disruption this may have caused.”

Cybersecurity industry thought leaders have shared their comments on the attack.

Todd Carroll, CISO, CybelAngel comments:

"It is critical that food manufacturers take a proactive cybersecurity posture and gain visibility into their supply chain. The fact is, we are seeing a significant increase in food manufacturers like KP Snacks becoming preferred targets for ransomware groups. Given the nature of consumables and the importance of food safety, this is alarming for all of us. Without a proactive cybersecurity posture and visibility into their supply chain, they risk their brand's reputation, compromised products, and extensive downtime costing tens or even hundreds of millions of pounds."

Neil Jones, Cybersecurity Evangelist, Egnyte says: 

"The KP snacks ransomware attack demonstrates that your organisation needs to make cybersecurity a Boardroom priority, if you haven't done so already. For years, cybercriminals have attacked targets for financial gain, but now we're seeing an alarming pattern of debilitating attacks on our food, critical infrastructure, and IP supply chain, which can have a crippling impact across the economy. While advocating support from your executive team, you need to implement proactive data hygiene and protective behaviours, such as patching your CVEs and hardening your databases now. It could be a real lifesaver." 

John Rodgers Principal Incident Response Consultant at F-Secure says: 

“This incident seems rather normal for a ransomware attack hitting a food manufacturing/distribution company. While it’s hard to say how long it would really take them to get back up and running, it is good to see that KP is under no illusion that it may take them at least 2 months to get back and running.”

Steve Moore, chief security strategist, Exabeam says: 

"It's unfortunate to see another organisation become one of the 400 victims and counting to be hit by Conti. Unfortunately, these groups keep getting away with these intrusions because they are experts at compromising credentials. Specifically, they utilise Mimikatz, Kerberoast to attack Kerberos, and even check for saved passwords in domain group policy files. Interestingly, they will specifically search for security policy and cyber insurance documents - showing that context matters even to the adversary!”


Featured Articles

Barracuda: Why Businesses Struggle to Manage Cyber Risk

Barracuda Networks CIO report shows that six in 10 businesses struggle to manage cyber risk, with issues such as policy struggles and management buy-in

Evri, Amazon and Paypal Among Brands Most Used by Scammers

With the development of AI, cybercriminals are becoming more and more sophisticated in their attacks, using fake websites and impersonating popular brands

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Technology & AI

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Cyber Security

Speaker Lineup Announced for Tech Show London 2024

Technology & AI