Member Article

KP Snacks hit by major ransomware attack

KP Snacks, the producer of McCoys, Hula Hoops and various varieties of nuts, has been hit by a major ransomware attack, which has led to severe supply chain issues.

In a letter to retailers, first reported by Better Retailing, the company said it “cannot safely process orders or dispatch goods”.

In a statement, a KP Snacks spokesperson said: “On Friday 28 January we became aware that we were unfortunately victims of a ransomware incident. As soon as we became aware of the incident, we enacted our cybersecurity response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation.

“Our internal IT teams continue to work with third-party experts to assess the situation. We have been continuing to keep our colleagues, customers, and suppliers informed of any developments and apologise for any disruption this may have caused. While this is causing some disruption to our manufacturing and shipping processes, we are already working on plans to keep our products stocked and on shelves.”

In a post on the darknet, seen by BBC News, cyber-criminals published personal documents from staff, with the company letterhead.

A countdown timer on the page warns more will be published unless a ransom is paid.

Cyber security expert, Charlie Smith, Consultant Solutions Engineer at Barracuda Networks commented: “Ransomware is the biggest threat facing organisations in the current climate. Our recent research even revealed that global ransomware incidents surged by 64%, year over year, between 2020 and 2021. This is because opportunistic cyber criminals are using more sophisticated tactics to bypass legacy systems and trick vulnerable access points, such as untrained and credulous employees.

He continued: “once a ransomware attack has taken hold, there is not much the victims can do, and as in the most recent case example which has afflicted KP Snacks, this can lead to a compromise of sensitive customer and business information, severe supply chain issues, monetary loss and reputation damage.

Charlie then went on to urge businesses to employ the correct prevention methods: “this is why it is imperative that all organisations recognise the urgency of this threat, and implement the necessary defence precautions. This includes employing sophisticated email inbox defence software, and rigorous training to ensure that staffers are protected against highly-engineered spear-phishing attacks designed to steal log in credentials and data. Protecting data itself with a secure and third-party backup solution is also imperative, so that if a ransomware attack does take control of your data, there is no need to pay a ransom or compromise on service availability. Finally, securing applications and websites with firewalls and Zero Trust Access solutions is essential to bolstering defences against sophisticated cyber tactics, such as the use of malicious bots and bad actors.”

This was posted in Bdaily's Members' News section by Nick Till .