On 28 January a ransomware attack targeted the popular snack retailer, KP Snacks. The company warned shops that it could lead to a delivery shortage of its products such as, Skips, Nik Naks and KP Nuts.
KP Snacks, home to some of the UK’s most popular crisps and nuts, came under attack after the company was hit by a ransomware. Causing a huge impact on their IT and communications systems, the firm have said there could be delays until late-March due to currently not being able to safely process orders or dispatch goods.
What is ransomware?
Ransomware is a form of cyber-attack which locks files and data on a user’s computer where they demand payment for them to be released back to the owner. Spring of 2017, a ransomware called “WannaCry” afflicted over 200,000 computers in over 150 countries with a total estimated loss of around $4 billion (£3.3bn) globally.
The Russia-based Conti ransomware group have taken credit for the attack and has already released several sensitive documents. The group have reportedly breached the firms’ internal network, accessing, and encrypting financial documents and employee records.
Conti have previously hacked multiple companies, including Indonesia’s Central Bank, Ireland’s Department of Health, and the Nordic Choice Hotel Group. In September, the FBI, CISA and the NSA issued alerts about the rising number of Conti ransomware attacks where they had contributed to more than 400 cyberattacks.
KP Snacks issued a statement where the firm addressed the situation and issued an apology for any disruption caused.
“On Friday 28 January we became aware that we were unfortunately victims of a ransomware incident,” a spokesman said. “As soon as we became aware of the incident, we enacted our cyber-security response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation. We have been continuing to keep our colleagues, customers, and suppliers informed of any developments and apologise for any disruption this may have caused.”
KP Snacks were reportedly given five days to pay the ransom or see further stolen data released. They have not confirmed or denied whether they intend to pay the ransom or negotiate further.