Swedish Supermarkets Closed Down By US Ransomware Attack

Uploaded on 2021-07-06 in TECHNOLOGY--Hackers, INTELLIGENCE--Europe, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Eight hundred Co-Operative supermarket (Co-op) stores in Sweden have been forced to close due to an ongoing massive IT supply chain attack in the US which affecting organisations around the world. The supermarket was not targeted by hackers directly, but is one of a growing number of organisations affected by an attack on a large software supplier the company uses.

Co-op Sweden says it closed the stores recently after point-of-sale tills and self-service checkouts stopped working and only shops in some remote areas were unaffected. The Swedish State Railways and a major local pharmacy chain have also been affected. 

Cyber security experts say the REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack that targeted a software supplier Kaseya, using its network-management package as a conduit to spread the ransomware through cloud-service providers. “One of our sub-contractors was hit by a digital attack, and that’s why our check-outs aren’t working anymore,” Co-op Sweden, which accounts for around 20% of the supermarket sector, said in a statement.
“We regret the situation and will do all we can to reopen swiftly.”

Researchers say about 200 businesses have been hit by this "colossal" ransomware attack, which had mainly affected the US.

Cyber security firm Huntress Labs said the hack targeted US IT company Kaseya before spreading through corporate networks that use its software. The firm believes the Russia-linked REvil ransomware gang was responsible. Kaseya said in a statement on its own website that it was investigating a "potential attack". It's understood that Co-op doesn't use Kesaya directly on its systems but that one of their software providers does.

The case highlights the growing concern in the cyber security world about supply chain attacks where hackers are able to claim multiple victims by attacking their supplier.

The UK's National Cyber Security Centre said: "We are aware of a cyber incident involving Kaseya, and we are working to fully understand its impact. "Ransomware is a growing, global cyber threat, and all organisations should take immediate steps to limit risk and follow our advice on how to put in place robust defences to protect their networks."

Kaseya's CEO Fred Voccola said in a statement that the company believes it has identified the source of the vulnerability and will “release that patch as quickly as possible to get our customers back up and running.”The New Zealand government’s Computer Emergency Response Team (NZ-CERT) has identified the attackers were from a hacking group known as REvil.

At a summit in Geneva last month, US President Joe Biden said he told Russian President Vladimir Putin he had a responsibility to rein in such cyber attacks. Mr Biden said he gave Mr Putin a list of 16 critical infrastructure sectors, from energy to water, that should not be subject to hacking. Last year, hackers extorted at least $18 billion using such software, according to cyber security firm Emsisoft.

Dagens Nyheter:     NCSC:      ABC:     BBC:     Straits Times:    BangkokPost:    WCMANews5:     VOA:   

Illinois News Today:     

You Might Also Read:

Why Is Retail Cyber Security So Weak?:

 

 

 

« $70m Ransom Demand To Restore Hacked Data
Cyber Security In Fintech: Top 5 Tips »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Oxygen Forensics

Oxygen Forensics

Oxygen Forensics offer the most advanced forensic data examination tools for mobile devices and cloud services.

Conscio Technologies

Conscio Technologies

Conscio Technologies is a specialist in IT security awareness. Our solutions allow you to easily manage innovative online IT awareness campaigns.

Backup Technology

Backup Technology

Backup Technology is a world leader in the Online Cloud Backup, Disaster Recovery and Business Continuity market.

REVI-IT

REVI-IT

REVI-IT is a Danish state-owned audit firm focusing on enterprise IT business processes and compliance,

Wind River

Wind River

Wind River delivers the technology and expertise that enables the deployment of safe, secure, and reliable intelligent connected systems.

totemo

totemo

Totemo offers solutions for the secure exchange of business information.

ACPL Systems

ACPL Systems

We offer leading-edge technology solutions, expert professional and managed services and proven methodologies to ensure your data is protected and business risks are reduced.

Trust Stamp

Trust Stamp

Trust Stamp provide Identity and Trust as a Service to answer two fundamental questions: “Who are you?” and “Do I trust you?"

ITTAS

ITTAS

ITTAS is a multidisciplinary company specializing in information security and software and hardware protection software.

Viettel Cyber Security

Viettel Cyber Security

Viettel Cyber Security is an organization under the Military Telecommunication Industry Group, conducting research and developing information security solutions for domestic and foreign customers.

Sevco Security

Sevco Security

Sevco Delivers Real-time Asset Intelligence to Identify and Close Unknown Security Gaps.

Binalyze

Binalyze

Binalyze is the world's fastest and most comprehensive enterprise forensics solution. Our software helps you to collaborate and complete incident response investigations quickly.

U2opia Technology

U2opia Technology

U2opia is a consortium with a proven track record of delivering groundbreaking technology, cybersecurity, and innovative business solutions.

Buguard

Buguard

Buguard is a multi-award-winning supplier of Application Security Assessments and GRC services.

HYCU

HYCU

HYCU was born of the need to simplify data protection and provide equivalent levels of backup and recovery support across on premises, public cloud, and SaaS workloads.

Fusion5

Fusion5

Fusion5 is a leading ANZ Business Services and IT Solutions provider. Our customers trust us to make their potential reality by providing advisory, IT project deployment, and managed services.