Wednesday, April 24, 2024
HomeBusinessCoop, other ransomware-hit firms, could take weeks to recover, say experts By...

Coop, other ransomware-hit firms, could take weeks to recover, say experts By Reuters


Related stories

Transforming Spaces with Elegance and Functionality

In the region of indoor format, curtains play a...

What is Ultrasonic Technology?

At its coronary heart, ultrasonic generation is all approximately...

Dive Deeper into Penetration Testing

The significance of penetration testing companies is undeniable due...

Buying Real Estate: Cash Or Financing- New England Home Buyers

You’re ready to buy your first rental property. One...

The Luck of the Draw: Gambling Superstitions and Rituals from Across the Globe

Gambling is one of the most superstition-laden activities in...


© Reuters. Staff enter the headquarters of information technology firm Kaseya in Miami, Florida, U.S., in an undated still image from video. Kaseya/Handout via REUTERS


By Supantha Mukherjee and Colm Fulton

STOCKHOLM (Reuters) – Computer systems of several companies across the world, including 800 physical grocery stores of Sweden’s Coop, that were shut down after attacked by REvil ransomware could take weeks to recover, cyber security experts said.

Hackers from the REvil cybercrime gang compromised systems of IT firm Kaseya and malware trickled down to its resellers and reached end customers such as Coop who used its software.

The ransomware locked data in encrypted files and late on Sunday hackers demanded $70 million to restore the data.

The REvil actors had claimed that a million machines were compromised, said Mark Loman, director of engineering at cybersecurity firm Sophos.

“Depending on how big your business is and if you have backups, it can take weeks before you have restored everything, and as the supermarkets in Sweden have been impacted, they can lose a lot of food and revenue,” he said.

Coop’s grocery store chain had to close hundreds of stores on Saturday because its cash registers are run by Visma Esscom, which manages servers for a number of Swedish businesses and in turn uses Kaseya.

“We have stopped the attack and we are now restarting our systems,” a Coop spokesperson said.

“We are recovering the systems and have now technicians who are visiting all of the affected stores to recover the data systems,” they added.

See also  6 Best CBD Vape Oils For Pain And Anxiety

Visma Esscom did not respond to requests for comment.

While many Coop stores remained closed on Monday, some stores have opened their doors and were allowing customers to pay by using an app called “Scan and Pay.”

“I don’t think we have seen anything this large scale before,” said Anders Nilsson, chief technology officer at ESET Nordics. “This is the first time we are seeing a grocery not been able to process payments and this shows how vulnerable we are.”

To fix the issues, Coop’s payment provider needs to physically go to all stores and restore payment machines manually from backups.

As is routine, the hackers created a channel for negotiating with the victims of the ransomware attack.

Speaking in this online chatroom, which Reuters was able to access, a representative for a REvil affiliate said the hackers had no regrets about forcing Coop to close.

“It’s nothing more than a business,” the representative told Reuters when asked about the impact of shutting supermarkets in Sweden.

The representative said that while the gang was seeking $70 million to restore all the data from all the victims, “we are always ready to negotiate.”

ESET’s Nilsson said, “It doesn’t really matter if they pay or not, they are still going to take time to restore all the machines.”

Colonial Pipeline faced an extortion attack earlier this year, causing a shutdown lasting several days. The company paid the hackers nearly $5 million to regain access.

“Paying a ransom is just putting the fire out but it will not make your environment more secure,” said David Jacoby, deputy director at Kaspersky.

See also  Top 5 AWS Backup Solutions

“The companies should not pay the ransom, because we don’t want to encourage cyber criminals that this is something that’s profitable.”


Source link

Bellie Brown
Bellie Brown
Hi my lovely readers, I am Bellie brown editor and writer of I write blogs on various niches such as business, technology, lifestyle., health, entertainment, etc as well as manage the daily reports of the website. I am very addicted to my work which makes me keen on reading and writing on the very latest and trending topics. One can check my more writings by visiting

Latest stories