Skip links

Nothing to scoff at: Crisps and nuts biz KP Snacks smacked in ransomware hack attack

Some of Britain’s favourite pub munch could end up in short supply after KP Snacks, makers of nuts and crisps, suffered a ransomware attack.

KP dry roasted peanuts

A family pack perfectly normal single serving of KP dry roasted peanuts

Kenyon Produce, to give the company its formal name, wrote to small shops around the UK saying it had been infected with ransomware on 28 January, as reported by industry news site Better Retailing.

The letter said:

The company said it didn’t know when the attack would be resolved.

Bleeping Computer reported they’d seen leak pages showing that the attackers were the WizardSpider ransomware gang, known for unleashing their signature Conti ransomware in a paralysing attack last year on the Republic of Ireland’s state-run health service.

KP was allegedly given five days by the extortionists to pay a ransom. So far the ransom sum demanded is not known. Representatives of KP had not answered phonecalls seeking comment.

John Vestberg, chief exec of Swedish network security firm Clavister, praised KP’s “transparency and diligence”, saying: “KP reacted in a rapid and considered fashion. Where other companies have previously failed and succumbed to paying huge ransoms, KP brought third party experts on in the earliest stages to help minimise damage and drive a forensic investigation that could be passed over to the relevant authorities.”

“This sharing of information is one way that cybercriminals such as these attackers can be tracked down and stopped from causing more destruction in future,” he added.

The damage caused to a fast-moving consumer goods (FMCG) firm such as KP Snacks by a ransomware attack is likely to be severe. FMCG logistics, particularly in foodstuffs, are not known for their long lead times. Meanwhile, ransomware attacks can take weeks or months to fully clean up: if the ransom isn’t paid, networks need to be rebuilt from scratch before being populated with data from backups.

Over the last two years ransomware gangs have concentrated on the soft underbelly of the West: medical and pharmaceutical companies.

A recent Wired feature on Trickbot revealed that gang’s thinking: “fuck clinics in the USA this week” said one criminal in an online chat seen by the magazine. ®