Russian ransomware group strikes again, affects 800 stores in Sweden
In Sweden, more than 800 stores of grocery chain Coop’s could not open on Saturday after the attack led to a malfunction of its cash registers.
Russia-linked ransomware group REvil, accused of orchestrating cyberattacks on giant meatpacker JBS SA, struck again on Saturday attacking managed service providers (MSPs) which primarily provide IT services to small and medium-sized businesses, news agency Bloomberg reported.
The report said 20 MSPs have been impacted by the ransomware attack citing Huntress Labs’ cybersecurity researcher John Hammond. Experts fear that these attacks can have a multiplying effect as hackers can access and infiltrate the customers of the MSPs.
In Sweden, more than 800 stores of grocery chain Coop’s could not open on Saturday after the attack led to a malfunction of its cash registers, Coop spokesperson Therese Knapp told news agency Bloomberg.
The recent attack has affected MSPs in 11 countries, according to Slovak cybersecurity firm ESET. The hackers attacked Kaseya Ltd, a Miami-based developer of software used by these MSPs. The attack was orchestrated to attack Kaseya’s customers.
“What makes this attack stand out is the trickle-down effect, from the managed service provider to the small business. Kaseya handles large enterprises all the way to small businesses globally, so ultimately, it has the potential to spread to any size or scale business,” Hammond was quoted as saying by Bloomberg.
Kaseya said that the Federal Bureau of Investigation (FBI) has been notified and it has identified at least 40 customers impacted by the attack. The president of Avtex LLC, one of MSPs affected by the breach, George Demou said that the attack appears to be a global supply chain hack as hundreds of MSPs have been targeted.
