Swedish Coop supermarkets shut because of US ransomware cyber-attack Some 500 Coop supermarket stores in Sweden are forced to shut because of an ongoing “colossal” cyber-attack affecting organizations around the world. Coop Sweden says it closed quite half its 800 stores on Friday after point-of-sale tills and self-service checkouts stopped working. The supermarket wasn’t itself targeted by hackers – but is one among a growing number of organizations plagued by an attack on an outsized software supplier the corporate uses indirectly. Cyber researchers say about 200 businesses are hit by this “colossal” ransomware attack, which had mainly affected the US. Cyber-security firm Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software. The firm believes the Russia-linked REvil ransomware gang was responsible. Kaseya said in an exceedingly statement on its own website that it absolutely was investigating a “potential attack”. A spokeswoman for Coop Sweden told the BBC: “We first noticed problems in a very small number of stores on Friday evening around 6:30 pm so we closed those stores early. Then overnight we realized it had been much bigger and that we took the choice to not open most of our stores this morning in order that our teams could see the way to fix it. “The whole paying system at our tills and our self-service checkouts stopped working so we’d like time to reboot the system.” It’s understood that Coop doesn’t use Kesaya directly on its systems but that one amongst their software providers does. The case highlights the growing concern within the cyber-security world about so-called supply chain attacks where hackers are ready to claim multiple victims by attacking their suppliers. The US Cybersecurity and Infrastructure Agency, a federal body, said in an exceedingly statement that it absolutely was taking action to deal with the attack and urging users of the Kesaya software to shut it down. The UK’s National Cyber Security Centre said: “We are responsive to a cyber incident involving Kaseya, and that we are working to completely understand its impact. “Ransomware may be a growing, global cyber threat, and every one organization should take immediate steps to limit risk and follow our advice on a way to put in situ robust defenses to safeguard their networks.” The cyber-breach looks to possess been timed for max disruption because it emerged on Friday afternoon when companies across the US were clocking off for the long Fourth of July weekend. Kaseya is urging customers that use its VSA tool to right away close up their servers. Kaseya said in its statement that a “small number” of companies had been affected, though Huntress Labs said the amount was greater than 200. It is not clear what specific companies are affected, and a Kaseya representative contacted by the BBC declined to relinquish details. Kaseya’s website says it’s a presence in additional than 10 countries and over 10,000 customers. “This could be a colossal and devastating supply chain attack,” Huntress Labs’ senior security researcher John Hammond said in an email. At a summit in Geneva last month, US President Joe Biden said he told Russian President Vladimir Vladimirovich Putin he had a responsibility to rein in such cyber-attacks. Mr. Biden said he gave Mr. Putin an inventory of 16 critical infrastructure sectors, from energy to water, that ought to not be subject to hacking. Ravil – also called Sodinokibi – is one of the foremost prolific and profitable cyber-criminal groups within the world. The gang was blamed by the FBI for a hack in May that paralyzed operations at JBS – the world’s largest meat supplier. The group sometimes threatens to post stolen documents on its website – referred to as the “Happy Blog” – if victims don’t go with its demands. Ravil was also linked to a coordinated attack on nearly large integer local governments within the US state of Texas in 2019.
Australia - Egypt