Uncategorized

After cyber attack on US software company: Hundreds of Swedish supermarkets closed

Coop supermarket branch in Sweden. (Image: Coop)

Due to a cyber attack on a US software company, the Swedish supermarket chain Coop has closed hundreds of branches – temporarily. Russian hackers are said to be behind it.

Thousands of people are likely to have stood in front of closed supermarket doors in Sweden on Saturday. Because with Coop, one of the largest supermarket chains in the country had to temporarily close at least 800 of its branches. The reason given by Coop was that the company was affected by an IT malfunction and the systems would not work. A cyber attack on the US software company Kaseya, whose software is used for cash register systems, was responsible for this.

Russian hackers probably behind ransomware attack

One New York Times report (NYT), Kaseya delivers its software and IT solutions to over 40,000 companies around the world. However, according to the company itself, only 40 companies should be directly affected by the attack. According to observers, dozens or even hundreds more companies could feel the effects of the attack. Because among the 40 companies there are several service providers who in turn are likely to have a large number of customers themselves.

Some companies are also said to be faced with ransom demands in the amount of five million US dollars as part of the attack. Thousands of companies are at potential risk, said John Hammond of the cybersecurity firm Huntress Labs of the NYT. After all, the cyber attack is considered so threatening that US President Joe Biden was informed about it. The US Cybersecurity and Infrastructure Security Agency (CISA) examined falls and asks Kaseya customers to shut down their servers. It is believed that the Russian hacker group Revil is behind the attack.

Tampered software update from Kaseya

Revil is said to have succeeded in penetrating the customers’ systems via a manipulated software update from Kaseya. Instead of the new software version, Revil’s ransomware ended up on the customers’ systems. Kaseya had previously been infected through an IT vulnerability. The piquant thing is that Dutch security researchers had already informed Kaseya of this particular vulnerability. The attack took place while Kaseya was still working on a patch. Now also advises the US software company their customers to leave the corresponding servers offline. A patch is expected for Monday.

Almost finished!

Please click on the link in the confirmation email to complete your registration.

Would you like more information about the newsletter? Find out more now

Coop has meanwhile started, in many of its branches, in which this is possible, to make payment via the Scan & Pay app. These branches were able to reopen on Sunday. Online shopping at coop.se, including delivery, should also be possible. Coop is still working on getting the “serious incident” under control. It is not known whether the company also received a ransom note.

You might be interested in that too

Leave a Reply

Your email address will not be published. Required fields are marked *