A cyber-attack targeting KP Snacks could lead to a shortage of some of Britain’s most popular snacks including Hula Hoops, McCoy’s and Tyrrells crisps, Butterkist, Skips, Nik Naks and KP Nuts.
The company has sent a letter to stores saying the ransomware attack, which has crippled its IT and communications systems, could lead to supply issues until “the end of March at the earliest” as it “cannot safely process orders or dispatch goods”.
The warning message, sent out through the groceries wholesaler Nisa, said KP Snacks was going to limit the size of orders to retailers so it could “manage what stock we do have”, according to the website Better Retailing, which first published news of the attack.
“On Friday 28 January we became aware that we were unfortunately victims of a ransomware incident,” said KP Snacks in a statement. “As soon as we became aware of the incident, we enacted our cybersecurity response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation.
“Our internal IT teams continue to work with third-party experts to assess the situation. We have been continuing to keep our colleagues, customers, and suppliers informed of any developments and apologise for any disruption this may have caused.”
The hackers are threatening to release information stolen from the company’s IT systems to try to force it into paying to decrypt its files so that it can continue operations.
“This is another example of the real-life consequences that ransomware can have, and they are becoming more common than ever before,” said Carl Wearn, head of risk and resilience at cybersecurity firm Mimecast.
“Our recent report found that organisations in the UK experienced an average of 3,000 ransomware attacks in the last two years, at a rate of four attacks per day.”
In October, the crisp firm Walkers was hit by IT issues that resulted in gaps on shelves that lasted through to the end of December.
In December, the Spar wholesaler and store operator James Hall was also hit by severe IT issues after a cyber-attack affected more than 600 independent and centrally owned Spar stores across the north of England, forcing many to close temporarily.
Jeremy Fleming, the head of UK intelligence agency GCHQ, disclosed in October that the number of ransomware attacks on British institutions had doubled in the previous year. The impact on the British economy is estimated to run into the hundreds of millions of pounds, mostly stemming from the costs of immobilising businesses.
Fleming said locking files and data on a user’s computer and demanding payment for their release had become increasingly popular among criminals because it is proving to be highly profitable.
“It works,” he said, speaking at the Cipher Brief annual threat conference last year. “It just pays. Criminals are making very good money from it and are often feeling that that’s largely uncontested.”
In June, meat producer JBS, which supplies more than a fifth of all the beef in the US, paid a £7.8m ransom to regain access to its computer systems.
The same month, the US’s largest national fuel pipeline, Colonial Pipeline, paid £3.1m to ransomware hackers after they locked the company’s systems, causing days of fuel shortages that paralysed transportation on the east coast.
Then in July, hackers attacked software firm Kaseya, demanding £50m, which resulted in hundreds of supermarkets closing in Sweden because their cash registers didn’t work.
“Cybercriminals are still little more than exploitative bullies looking for easy money,” said Andy Barratt, UK managing director at cybersecurity consultancy Coalfire. “There is no better way to have a ransom paid, than by promising a business it will lose more in potential profits than if they simply pay the fee. Wherever there is financial, personal, or project-related data there is always a risk.”
However, the UK’s National Cyber Security Centre (NCSC) has warned that even if firms pay up “there is no guarantee that you will get access to your computer or your files”.
Last week, the NCSC, part of GCHQ, urged British companies to bolster their digital security over concerns of possible Russian cyber-attacks linked to the growing political crisis in Ukraine.
A cyber-attack on Ukraine government websites earlier this month, which Ukraine said was orchestrated by Russia, warned the public to “be afraid and expect the worst”.