STOCKHOLM – The Swedish Coop grocery store chain shut down all of its 800 locations on Saturday after a ransomware attack on an American IT company rendered its cash registers inoperable. On Friday, an extraordinarily sophisticated attack targeted hundreds of American firms, hijacking widely used technology management software from a Miami-based supplier named Kaseya.
According to Coop, one of Sweden’s largest grocery chains, the attack disrupted a program used to remotely update its checkout tills, preventing payments from being processed.
“We’ve been troubleshooting and restoring all night,” Coop spokesman Therese Knapp told Swedish Television. “But we’ve conveyed that we’ll need to keep the stores closed today.”
According to TT, Kaseya technology was used by Visma Esscom, a Swedish company that administers servers and devices for a number of Swedish businesses.
Services on the state railways and at a pharmacy chain were also disrupted.
Visma Esscom chief executive Fabian Mogren told TT, “They have been struck in varied degrees.”
The attack, according to Swedish Defense Minister Peter Hultqvist, was “extremely risky” and demonstrated how businesses and government organizations needed to strengthen their readiness.
“In a different geopolitical environment, government players might attack us in this fashion to bring society to a halt and create anarchy,” he warned.
The hackers altered a Kaseya program called VSA, which is used by organizations that manage digital services for small enterprises, in Friday’s attack. They then encrypted the data of those providers’ clients at the same time, promising to decode them in exchange for cash. (Johan Ahlander contributed reporting, and Kevin Liffey edited the piece.)/nRead More