Published: Mon Jul 21 2025

Commercial IT Infrastructure

The BBC is currently reporting a story where ransomware put a company out of business:

One password is believed to have been all it took for a ransomware gang to destroy a 158-year-old company and put 700 people out of work.

KNP director Paul Abbott says he hasn't told the employee that their compromised password most likely led to the destruction of the company. "Would you want to know if it was you?" he asks.

https://www.bbc.co.uk/news/articles/cx2gx28815wo

I find this kind of reporting very frustrating, because it is very misleading to place the fault on a single employee's password rather than on the overall IT infrastructure and policies that the organisation decided on.

There were multiple options available to this company to prevent a weak password from being a single point of failure for themselves and their 700 employees. They could have enforced a password policy requiring stronger passwords, and they could have enforced two-factor authentication, so that a password is necessary but not sufficient for authentication.
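The "necessary but not sufficient" property can be made concrete. The following is an added example, not code from the post or from any of the companies it mentions: a login check that enforces a minimum password policy at enrolment, stores a salted PBKDF2 hash rather than the password, and additionally requires an RFC 6238 time-based one-time code, so a password that has leaked, been guessed or reused cannot authenticate on its own. The policy thresholds, the sample user, the password and the TOTP secret are all constructed for the example.

```python
"""Added example (not from the post): password policy plus a second factor,
so that a correct password alone is never enough to log in.
All names, thresholds and sample values below are assumptions for the demo."""
import hashlib
import hmac
import os
import struct
import time
from typing import Optional

MIN_PASSWORD_LENGTH = 14   # assumed policy value, not taken from the post
TOTP_STEP_SECONDS = 30     # RFC 6238 default time step
PBKDF2_ITERATIONS = 200_000


def password_meets_policy(password: str) -> bool:
    """Minimal strength policy: minimum length and at least three of four
    character classes (lower, upper, digit, symbol)."""
    if len(password) < MIN_PASSWORD_LENGTH:
        return False
    classes = (
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    )
    return sum(classes) >= 3


def hash_password(password: str, salt: Optional[bytes] = None) -> tuple:
    """Salted PBKDF2-HMAC-SHA256; returns (salt, derived_key)."""
    salt = salt if salt is not None else os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, key


def verify_password(password: str, salt: bytes, stored_key: bytes) -> bool:
    """Constant-time comparison of the re-derived key with the stored one."""
    _, key = hash_password(password, salt)
    return hmac.compare_digest(key, stored_key)


def totp(secret: bytes, now: float, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the time step containing `now`."""
    counter = struct.pack(">Q", int(now) // TOTP_STEP_SECONDS)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                       # dynamic truncation
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def verify_totp(secret: bytes, code: str, now: float, window: int = 1) -> bool:
    """Accept the current step and +/- `window` steps to allow clock drift."""
    for drift in range(-window, window + 1):
        expected = totp(secret, now + drift * TOTP_STEP_SECONDS)
        if hmac.compare_digest(expected.encode(), code.encode()):
            return True
    return False


def enrol(password: str, totp_secret: Optional[bytes] = None) -> dict:
    """Create the stored record for a user; weak passwords are rejected at
    enrolment rather than discovered during an incident."""
    if not password_meets_policy(password):
        raise ValueError("password does not meet policy")
    salt, key = hash_password(password)
    secret = totp_secret if totp_secret is not None else os.urandom(20)
    return {"salt": salt, "key": key, "totp_secret": secret}


def authenticate(user: dict, password: str, code: str, now: Optional[float] = None) -> bool:
    """Both factors are always evaluated; a correct password with a wrong
    code fails, and so does a correct code with a wrong password."""
    now = time.time() if now is None else now
    password_ok = verify_password(password, user["salt"], user["key"])
    code_ok = verify_totp(user["totp_secret"], code, now)
    return password_ok and code_ok


if __name__ == "__main__":
    # Constructed demo values; the secret is the RFC 6238 test-vector key.
    secret = b"12345678901234567890"
    user = enrol("Correct-Horse-Battery-9", totp_secret=secret)
    good_code = totp(secret, time.time())
    print("password only:", authenticate(user, "Correct-Horse-Battery-9", "000000"))
    print("password + code:", authenticate(user, "Correct-Horse-Battery-9", good_code))
```

Two design points worth noting: the strength policy is applied when the password is set, so a non-compliant password never enters the system, and `authenticate` evaluates both factors before returning, so the response does not reveal which factor was wrong.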

Furthermore, if one user account was able to irreversibly destroy data to the point that the company could no longer survive, then they were always on thin ice, because a few accidental keystrokes could have destroyed the company at any time. They could have had more stringent access controls on write access to data, and their failure to recover from this implies they did not have an effective backup strategy.

It is notable that this company's survival depended upon IT infrastructure, yet they clearly did not treat IT with an appropriate level of professionalism. Data loss will occur eventually from accident or hardware failure, not just from malice, and if a company can't survive that then they are not handling their IT professionally.

This was a failure of the organisation, and to frame the story otherwise is incorrect.

In the UK we also recently had Marks & Spencer suffer some kind of hack which led to them pausing online orders for weeks. The idea of an online retailer not taking orders for weeks sounds absurd. Amazon would consider it an emergency if they were unable to accept orders for minutes. How is it that Amazon has never suffered this kind of hack despite being a much bigger target? The obvious answer is that they take their IT infrastructure seriously, whereas many UK firms do not.