Swedish Supermarkets Closed Down By US Ransomware Attack

Uploaded on 2021-07-06 in TECHNOLOGY--Hackers, INTELLIGENCE--Europe, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Eight hundred Co-Operative supermarket (Co-op) stores in Sweden have been forced to close due to an ongoing massive IT supply chain attack in the US which affecting organisations around the world. The supermarket was not targeted by hackers directly, but is one of a growing number of organisations affected by an attack on a large software supplier the company uses.

Co-op Sweden says it closed the stores recently after point-of-sale tills and self-service checkouts stopped working and only shops in some remote areas were unaffected. The Swedish State Railways and a major local pharmacy chain have also been affected. 

Cyber security experts say the REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack that targeted a software supplier Kaseya, using its network-management package as a conduit to spread the ransomware through cloud-service providers. “One of our sub-contractors was hit by a digital attack, and that’s why our check-outs aren’t working anymore,” Co-op Sweden, which accounts for around 20% of the supermarket sector, said in a statement.
“We regret the situation and will do all we can to reopen swiftly.”

Researchers say about 200 businesses have been hit by this "colossal" ransomware attack, which had mainly affected the US.

Cyber security firm Huntress Labs said the hack targeted US IT company Kaseya before spreading through corporate networks that use its software. The firm believes the Russia-linked REvil ransomware gang was responsible. Kaseya said in a statement on its own website that it was investigating a "potential attack". It's understood that Co-op doesn't use Kesaya directly on its systems but that one of their software providers does.

The case highlights the growing concern in the cyber security world about supply chain attacks where hackers are able to claim multiple victims by attacking their supplier.

The UK's National Cyber Security Centre said: "We are aware of a cyber incident involving Kaseya, and we are working to fully understand its impact. "Ransomware is a growing, global cyber threat, and all organisations should take immediate steps to limit risk and follow our advice on how to put in place robust defences to protect their networks."

Kaseya's CEO Fred Voccola said in a statement that the company believes it has identified the source of the vulnerability and will “release that patch as quickly as possible to get our customers back up and running.”The New Zealand government’s Computer Emergency Response Team (NZ-CERT) has identified the attackers were from a hacking group known as REvil.

At a summit in Geneva last month, US President Joe Biden said he told Russian President Vladimir Putin he had a responsibility to rein in such cyber attacks. Mr Biden said he gave Mr Putin a list of 16 critical infrastructure sectors, from energy to water, that should not be subject to hacking. Last year, hackers extorted at least $18 billion using such software, according to cyber security firm Emsisoft.

Dagens Nyheter:     NCSC:      ABC:     BBC:     Straits Times:    BangkokPost:    WCMANews5:     VOA:   

Illinois News Today:     

You Might Also Read:

Why Is Retail Cyber Security So Weak?:

 

 

 

« $70m Ransom Demand To Restore Hacked Data
Cyber Security In Fintech: Top 5 Tips »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

FireEye

FireEye

FireEye delivers unmatched detection, protection and response technology through an extensible and flexible cloud-based XDR platform.

CybelAngel

CybelAngel

CybelAngel is a leading digital risk protection platform that detects and resolves external threats before these wreak havoc.

Cybersixgill

Cybersixgill

Cybersixgill was founded with a single mission: to protect organizations against malicious cyber attacks that come from the deep and dark web, before they materialize.

ISARA Corp

ISARA Corp

ISARA Corporation is a security solutions company specializing in creating class-defining quantum-safe cryptography for today's computing ecosystems.

Golden Frog

Golden Frog

Golden Frog is a Virtual Private Network services provider offering secure encrypted access to the internet.

Gulf Computer Services Co (GCSC)

Gulf Computer Services Co (GCSC)

Gulf Computer Services is a major player in the field of networking & Communication solutions for emerging industries such as Internet Services and Information Technology in Saudi Arabia.

Hunters.AI

Hunters.AI

Hunters is the world's first autonomous hunting solution that leverages top-tier cyber expertise and AI to uncover hidden cyber threats.

GMV

GMV

GMV is a technological business group offering solutions, services and products in diverse sectors including Intelligent Transportation Systems, Cybersecurity, Telecoms and IT.

Nominet

Nominet

Nominet's cyber division offers network detection and response services to governments and enterprises worldwide.

Grip Security

Grip Security

Grip Security provides comprehensive visibility, governance and data security to help enterprises effortlessly secure a burgeoning and chaotic SaaS ecosystem.

Telefonica Global Solutions (TGS)

Telefonica Global Solutions (TGS)

Telefonica Global Solutions is the technological partner of wholesalers and enterprises, helping them to achieve the digitalization they need.

A&O IT Group

A&O IT Group

A&O IT Group provide IT support and services including IT Managed Services, IT Project Services, IT Engineer Services and Cyber Security.

Corsica Technologies

Corsica Technologies

Corsica Technologies is recognized as one of the top managed IT and cybersecurity service providers. Our integrated IT and cybersecurity services protect companies and enable them to succeed.

HALOCK Security Labs

HALOCK Security Labs

HALOCK is an information security consultancy providing both strategic and technical security offerings.

Island

Island

Island puts the enterprise in complete control of the browser, delivering a level of governance, visibility, and productivity that simply weren’t possible before.

Certo Software

Certo Software

Certo are trusted experts in mobile security. At Certo, mobile security is not an afterthought, it’s what we do.