Click Here Podcast Summary: "Knights of Old and a Ransomware Joust"

Podcast Information:

• Title: Click Here
• Host: Dina Temple-Raston
• Author: Recorded Future News
• Episode Title: Knights of Old and a Ransomware Joust
• Release Date: January 28, 2025
• Description: The podcast that tells true stories about the people making and breaking our digital world. Each episode delves into the realm of cyber and intelligence, bringing listeners into the intricate world of ransomware attacks, mysterious hackers, and the heroes striving to combat them.

1. Introduction to Knights of Old

Dina Temple-Raston sets the stage by introducing Paul Abbott, the part-owner of Knights of Old, a storied UK logistics company with a legacy spanning over 150 years.

• [00:02] Dina Temple-Raston: “For over 35 years, Paul Abbott worked at a logistics company in the UK with a name that was almost aggressively British. Knights of Old.”

Knights of Old began in 1865, originally transporting goods via horse and buggy. Over the decades, the company adapted to technological advancements, including the transition to truck-based logistics and the integration of the World Wide Web.

• [01:09] Paul Abbott: “Oh, yes, yeah, I've been around it. Got a very good reputation for many, many years.”

2. The June 2023 Ransomware Attack

In June 2023, Knights of Old faced an unprecedented cyber threat. The company's operations were crippled by a ransomware attack orchestrated by the Akira hacker group.

• [03:05] Paul Abbott: “I was in the operations office and the tech guy came through and said, look, I think we've got a problem.”

Initially suspecting a mere technical glitch, the team resorted to manual processes to keep operations running.

• [04:44] Dena Temple-Raston: “So Paul and the team just decided to go old school. While it got fixed, they were texting drivers, writing out tickets by hand and manually processing orders.”

The gravity of the situation became clear when a ransom note appeared, indicating that Akira had encrypted the company's data and demanded a substantial payment.

• [05:20] Paul Abbott: “It said, you need to tell your insurance company to contact us and we'll negotiate a way where we can get back information to you so that you can carry on with your business.”

3. Responding to Akira: Negotiations and Outcome

Despite extensive cybersecurity measures, Knights of Old fell victim to a sophisticated brute force attack. This method involved systematically attempting numerous password combinations until access was gained.

• [09:19] Paul Cashmore: “More generally, once those threat actors have a foothold, they're then going to try and set up multiple backdoors, work their way through your system.”

Paul Abbott and his team enlisted the help of Paul Cashmore, CEO of Solace Global Cyber, to navigate the crisis.

• [07:38] Paul Cashmore: “We provide first response services for people that have had ransomware type incidents.”

Despite the expertise, the ransom demanded by Akira ranged from $2.5 to $5 million, a sum crippling for the company, especially amidst recent financial strains from opening a new warehouse.

• [15:33] Paul Abbott: “Even before the hack, we'd just opened up a new warehouse, so our cash reserves were at probably the lowest point in the year.”

Facing the dilemma of paying a hefty sum with uncertain returns, Paul Abbott chose not to comply, hoping to rebuild without capitulating to the hackers.

• [16:20] Paul Abbott: “It might not be in the order that you need it. It might just be a bucket of numbers. You know, it's corrupted the information that you probably can't work with.”

4. Aftermath: Bankruptcy and Job Losses

The aftermath of the attack was devastating. Without access to critical financial reports, Knights of Old struggled to secure necessary loans, leading to the parent company's bankruptcy.

• [18:09] Dena Temple-Raston: “They survived for now. But a few months after the attack, they got more bad news.”

The closure resulted in approximately 600 job losses, marking the end of a venerable institution.

• [19:18] Paul Abbott: “You know, 150 years and it's been closed. People have lost their jobs.”

Moreover, public perception shifted unfavorably, with some blaming the company for inadequate security, despite their proactive measures.

• [19:40] Paul Abbott: “We weren't negligent people, you know, we just ran out of luck.”

5. Insights from Carrie Schaefer Page on Ransomware Groups

Carrie Schaefer Page, a ransomware negotiator at Arctic Wolf, provides expert analysis on the nature of groups like Akira.

• [12:10] Carrie Schaefer Page: “These groups are coming in, Akira being one of them. And like, I feel like it's like the Amazon of the dark web, right?”

Akira operates under the Ransomware as a Service (RaaS) model, collaborating and learning from other hacker groups to enhance their tactics.

• [13:22] Carrie Schaefer Page: “If you become disgruntled with who you're working with, you may adopt some of their behaviors or attributes and then go splinter off and do something on your own.”

She highlights the challenges in combating such adaptable and resourceful groups, emphasizing the constant evolution of their strategies.

• [14:10] Carrie Schaefer Page: “There was also similarities in the way that they processed the crypto wallets… there were similarities that were detected.”

6. Other Cyber and Intelligence News

Following the in-depth case study, Dina Temple-Raston transitions to a roundup of current cyber and intelligence stories.

a. Ross Ulbricht's Pardon:

• Ross Ulbricht, convicted for operating the Silk Road marketplace, was pardoned by President Trump. Despite his pleas and support from libertarians and crypto enthusiasts, his release marked a significant moment in cybersecurity and legal circles.

b. Disbandment of CISA's Cyber Safety Review Board (CSRB):

• The Trump administration dissolved the CSRB, a committee comprising cybersecurity experts, including former CISA head Chris Krebs. This decision has raised concerns about the future of coordinated cybersecurity efforts within the Department of Homeland Security.

• [22:49] Paul Abbott: “I guess the question is, do you see a continued role for CISA?”

c. AI Judges at the X Games:

• The 2025 X Games in Aspen introduced OWL AI, an AI system developed by Google to assist in judging snowboarders' performances. While the AI provides real-time analysis and feedback, human judges retain the final scoring authority.

• [24:10] Unknown: “Now the footage can be slowed down so that the AI can accurately name the trick and provide its own score.”

Conclusion

The "Knights of Old and a Ransomware Joust" episode of Click Here offers a compelling narrative of legacy, resilience, and vulnerability in the digital age. Through Paul Abbott's experience, listeners gain insight into the devastating impact of ransomware attacks, the complexities of cybersecurity defenses, and the harsh realities businesses face when confronted with modern cyber threats. Complemented by expert opinions and current cyber news, the episode underscores the ever-evolving landscape of cyber intelligence and the critical need for robust security measures in safeguarding our digital future.

Notable Quotes:

• Paul Abbott [15:33]: “Even before the hack, we'd just opened up a new warehouse, so our cash reserves were at probably the lowest point in the year.”

• Carrie Schaefer Page [13:22]: “These groups come together, work with one another.”

• Paul Abbott [19:40]: “We weren't negligent people, you know, we just ran out of luck.”

This summary captures the essence and key discussions of the "Knights of Old and a Ransomware Joust" episode, providing a comprehensive overview for those who haven't listened to the full podcast.