Podcast Summary: Click Here
Episode: Knights of Old and a ransomware joust
Date: December 2, 2025
Host: Dina Temple-Raston
Overview
In this episode, Click Here revisits the dramatic collapse of the venerable British logistics firm Knights of Old following a ransomware attack by the Akira gang. The story showcases both the evolving sophistication of ransomware groups and the devastating, often unpredictable, impact such attacks can have—even on companies that have survived world wars, depressions, and decades of change. The episode follows Paul Abbott, a long-standing leader at Knights of Old, as he and his colleagues face the company's existential crisis, the mechanics of the attack, and its aftermath, with expert insights throughout.
Key Discussion Points & Insights
1. The Legacy of Knights of Old
- Knights of Old, with roots back to 1865, was a pillar of UK logistics (00:02–02:30).
- The business had adapted through two world wars, the Great Depression, Brexit, and the web, earning a reputation for resilience and reliability.
Quote:
"It was a logistics company that weathered two world wars, economic downturns, and even Brexit. But then a ransomware gang called Akira forced its way into the company's systems." – Dina Temple-Raston (00:20)
2. The Attack: What Happened and How
- The incident began in June 2023, on an otherwise ordinary day—a testament to how these crises often start unremarkably (05:17–05:36).
- At first, staff thought it was a routine technical problem. They reverted to manual operations to keep cargo moving (05:46–06:12).
- Discovery: The IT team found a mysterious file—ultimately the ransom note (04:18–04:31).
- The ransom note made clear the hackers had deep access and destroyed backups (06:28–07:10).
Quote:
"I felt a bit cold, really. It's a bit of a sobering moment. You think, oh, my God... they're going to want a load of money." – Paul Abbott (07:13)
3. Security Posture—and Its Limits
- Despite best practices—cybersecurity training, strict protocols, password management, cyber insurance, and certifications—Knights of Old was still vulnerable (07:25–08:17).
- The company sought immediate outside help from Paul Cashmore of Solace Global Cyber (08:46–09:34), who led a technical incident response.
Quote:
"You've got to have the same focus on protecting your data and your infrastructures, because somebody's going to break in. Not to steal goods, they're going to steal your data." – Paul Abbott (07:49)
4. How Akira Breached the Systems
- The entry point: a brute force attack cracked an employee password, providing a foothold (09:34–10:27).
- Akira then moved laterally, destroying backups, evading antivirus, and exfiltrating sensitive data (10:27).
- Virtual servers—'a holy grail' for hackers—were fully encrypted, causing massive operational paralysis (10:58–11:40).
Quote:
"Every server that they had was completely destroyed." – Paul Cashmore (11:31)
5. The Ransomware Dilemma: To Pay or Not
- The ransom note instructed the company to get its insurer involved; negotiations could demand $2.5–5 million, life-threatening amounts for the business (12:00–16:58).
- Even if the ransom was paid, there was little guarantee the data would be readable or complete (17:17).
- On expert advice, Knights of Old ultimately decided not to pay.
Quote:
"It might not be in the order that you need it. It might just be a bucket of numbers. You know, it's corrupted the information that you probably can't work with." – Paul Abbott (17:17)
6. Akira’s Methods and the Ransomware Ecosystem
- Ransomware as a service: groups sharing code, tactics, and resources (13:09–14:51).
- Akira specializes in targeting companies with weaker security—e.g., lacking multi-factor authentication or with unpatched vulnerabilities.
- Akira's code and methods show strong similarities to the infamous Conti gang.
- Sometimes, even after the ransom is paid, the extortion continues—additional payments are demanded to prevent public data leaks (16:27).
Quote:
"You know, what's going to be the hottest thing on the scene, Right?... For years now, ransomware is top right." – Carrie Schaefer Page (13:09)
7. Consequences: Data Leaked, Company Collapse
- Akira, denied a ransom, released sensitive company data on the Dark Web, including payroll files and invoices (18:08–18:25).
- Some feared damages from former employees or legal claims, but few immediate issues materialized from the leak (18:36–18:55).
- The real cascade hit months later. With their parent company in bankruptcy, Knights of Old sought loans to recover. But their lender demanded financial reports lost in the attack, leaving them unable to comply or recover (19:18–20:27).
Quote:
"With a little more time, Paul Abbott said, they likely could have gotten them back. But the company's lender said, time's up. And with that, Knights of Old... was finally forced to shut its doors. All told, about 600 people at Knights of Old lost their jobs." – Dina Temple-Raston (19:18–20:27)
8. The Human Impact and Blame
- Despite doing everything 'right,' Knights of Old faced community suspicion and stigma after the breach (20:48–21:22).
- Paul Abbott emphasized the unfairness of the post-breach narrative.
Quote:
"We weren't negligent people, you know, we, we, we just ran out of luck." – Paul Abbott (21:16)
Notable Quotes & Memorable Moments
- On discovery:
- "I joined them in what we called the war room at that time." – Paul Abbott (09:30)
- On the impact of leaks:
- "It was all very pointless and very destructive for no gain." – Paul Abbott (18:55)
- On emotional fallout:
- "They just lost a job that they dearly loved, you know, and a community that was broken up." – Paul Abbott (20:36)
- On the broader meaning:
- "For 150 years, Knights of Old had survived everything. And now, in a blink of an eye, it was gone." – Dina Temple-Raston (21:22)
Timestamps for Key Segments
- Introduction to Knights of Old’s legacy: 00:02–02:30
- Ransomware attack discovery: 04:18–07:10
- Security measures, calling for help: 07:25–09:34
- Attack details and scope: 09:34–11:40
- Pay or not to pay: 12:00–16:58
- Akira and ransomware industry context: 13:09–16:27
- Aftermath: leaks and business collapse: 18:08–20:27
- Personal and community impact: 20:48–21:22
Tone and Language
The episode balances clear technical explanation with human storytelling, often using vivid, conversational analogies and personal testimony. There is a tone of respect for the people affected, combined with a sense of urgency and realism about the modern cyber threat landscape.
For listeners and businesses alike, the fall of Knights of Old is a sobering case study in how cybersecurity failures—even in organizations that try to do everything right—can have lasting, tragic consequences.