The Swedish supermarket chain Coop has closed all its stores in the country because of a cyber attack. Its about 800 stores. The attack may have to do with the international ransomware attack that also affected 200 US companies.
Coop has a 20 percent market share in the Swedish supermarket sector and an annual turnover of around 1.5 billion euros. The Swedish chain has nothing to do with Coop Nederland.
Due to the cyberattack on the supermarket chain, the cash register systems are paralyzed, reports Swedish broadcaster SVT. A solution has been working all night long, but without success.
According to Swedish news agency TT, the chain does not assume being the direct target of the cyberattack. It may be part of the international ransomware attack. Presumably, that attack started at Kaseya, a company that provides IT management software. According to security company Huntress, it seems that the Russian-affiliated Revil group is behind the attack.
The attackers may have penetrated the systems by rolling out a fraudulent update to VSA, a program used for remote management. Such a supply chain attack was previously used to break into US government agencies.
The ransomware paralyzes an organizations computer system, which is then ordered to transfer ransom to the hackers before files and systems are released again.
Two Dutch companies have also been attacked. Their files were unlocked because they had anti-ransomware software running.
Companies pay millions of internet criminals to release their hostage files. In this video, well explain what illegal technique is causing this: