Swedish Supermarkets Closed Down By US Ransomware Attack

Uploaded on 2021-07-06 in TECHNOLOGY--Hackers, INTELLIGENCE--Europe, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Eight hundred Co-Operative supermarket (Co-op) stores in Sweden have been forced to close due to an ongoing massive IT supply chain attack in the US which affecting organisations around the world. The supermarket was not targeted by hackers directly, but is one of a growing number of organisations affected by an attack on a large software supplier the company uses.

Co-op Sweden says it closed the stores recently after point-of-sale tills and self-service checkouts stopped working and only shops in some remote areas were unaffected. The Swedish State Railways and a major local pharmacy chain have also been affected. 

Cyber security experts say the REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack that targeted a software supplier Kaseya, using its network-management package as a conduit to spread the ransomware through cloud-service providers. “One of our sub-contractors was hit by a digital attack, and that’s why our check-outs aren’t working anymore,” Co-op Sweden, which accounts for around 20% of the supermarket sector, said in a statement.
“We regret the situation and will do all we can to reopen swiftly.”

Researchers say about 200 businesses have been hit by this "colossal" ransomware attack, which had mainly affected the US.

Cyber security firm Huntress Labs said the hack targeted US IT company Kaseya before spreading through corporate networks that use its software. The firm believes the Russia-linked REvil ransomware gang was responsible. Kaseya said in a statement on its own website that it was investigating a "potential attack". It's understood that Co-op doesn't use Kesaya directly on its systems but that one of their software providers does.

The case highlights the growing concern in the cyber security world about supply chain attacks where hackers are able to claim multiple victims by attacking their supplier.

The UK's National Cyber Security Centre said: "We are aware of a cyber incident involving Kaseya, and we are working to fully understand its impact. "Ransomware is a growing, global cyber threat, and all organisations should take immediate steps to limit risk and follow our advice on how to put in place robust defences to protect their networks."

Kaseya's CEO Fred Voccola said in a statement that the company believes it has identified the source of the vulnerability and will “release that patch as quickly as possible to get our customers back up and running.”The New Zealand government’s Computer Emergency Response Team (NZ-CERT) has identified the attackers were from a hacking group known as REvil.

At a summit in Geneva last month, US President Joe Biden said he told Russian President Vladimir Putin he had a responsibility to rein in such cyber attacks. Mr Biden said he gave Mr Putin a list of 16 critical infrastructure sectors, from energy to water, that should not be subject to hacking. Last year, hackers extorted at least $18 billion using such software, according to cyber security firm Emsisoft.

Dagens Nyheter:     NCSC:      ABC:     BBC:     Straits Times:    BangkokPost:    WCMANews5:     VOA:   

Illinois News Today:     

You Might Also Read:

Why Is Retail Cyber Security So Weak?:

 

 

 

« $70m Ransom Demand To Restore Hacked Data
Cyber Security In Fintech: Top 5 Tips »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Absolute Software

Absolute Software

Absolute provides persistent endpoint security and data risk management solutions for mobile devices - computers, tablets, and smartphones.

Technology Association of Georgia (TAG)

Technology Association of Georgia (TAG)

TAG's mission is to educate, promote, influence and unite Georgia's technology community to stimulate and enhance Georgia's tech-based economy.

Arsenal Insurance Company

Arsenal Insurance Company

Arsenal is an insurance provider based in Moscow, Russia. Services offered include Cyber Risk insurance.

ABB

ABB

ABB is a pioneering technology leader in industrial digitalization. Services include cyber security for industrial control systems IoT.

CSL Group

CSL Group

CSL solutions provide complete end-to-end connectivity services for Security, Fire, Telecare and other mission critical M2M/IoT applications.

Omada

Omada

Omada is a leading provider of IT security solutions and services for identity management and access governance.

Xilinx

Xilinx

Xilinx is the inventor of the FPGA, programmable SoCs, and now, the ACAP. We are building the Adaptable, Intelligent World.

TM One

TM One

TM One is the enterprise and public sector business solutions arm of Telekom Malaysia Berhad (TM) Group.

Nexum

Nexum

Nexum takes a comprehensive approach to security, from detecting and preventing network threats, to equipping you with the information, tools and training you need to effectively manage IT risk.

Soteria

Soteria

Soteria is a global leader in the development, integration and implementation of advanced cyber security, intelligence and IT solutions, delivering complete end-to-end solutions.

Eastern Cyber Resilience Centre (ECRC)

Eastern Cyber Resilience Centre (ECRC)

The Eastern Cyber Resilience Centre is part of the national roll out of Cyber Resilience Centres in the UK which began in 2019.

Emerge Digital

Emerge Digital

Emerge Digital is a technology and digital innovation business and Managed Services Provider providing solutions to SMEs.

Cypago

Cypago

Cypago provides a powerful yet easy-to-use Compliance Orchestration Platform to automate the compliance process end-to-end.

SCS Technology Solutions

SCS Technology Solutions

SCS Technology Solutions has become the preferred partner for top performing organisations across Lincolnshire for IT support and consultancy.

Vorlon

Vorlon

Vorlon's agentless patent-pending solution facilitates risk profiling of apps, and provides AI-driven behavioral analytics with response recommendations.

SecondSight

SecondSight

SecondSight’s Vertical AI embodies a full-spectrum approach to cyber insurance, facilitating accurate digital risk profiling.