Russian hackers suspected of Sweden cyber attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

The Akira hacker group is suspected of carrying out the cyber attack in Sweden (Brendan Smialowski)

Online services at some Swedish government agencies and shops have been disrupted in a ransomware attack believed to have been carried out by a Russian hacker group, IT consultancy Tietoevry said.

The Swedish-Finnish group, which provides online security systems, said the problem could take weeks to fix.

It said one of its data centres in Sweden was attacked overnight Friday to Saturday, knocking out online purchases at the country’s biggest cinema chain as well as some department stores and shops.

The centralised human resources system used by Sweden’s national government service centre (Statens Servicecenter) was also affected, making it impossible for public sector employees to declare their overtime hours, sick leave or holiday requests.

“Considering the nature of the incident and the number of customer-specific systems to be restored, the restoration process may extend over several days, even weeks,” Tietoevry said in a statement issued late Monday.

“120 government agencies and more than 60,000 employees” were affected by the attack, Statens Servicecenter spokeswoman Caroline Johansson Sjowall told AFP.

Tietoevry and other cyber security experts have pointed the finger at hacker group Akira, which has ties to Russia.

Tietoevry said it had filed a police complaint regarding the attack, the financial impact of which it “was not able to fully assess” yet.

The company has provided no information about a ransom demand.

Ransomware attacks typically access vulnerable computer systems and encrypt or steal data, before sending a ransom note demanding payment in exchange for decrypting the data or not releasing it publicly.

“Cybersecurity must be a priority for all of society, both the public and private sector,” Civil Defence Minister Carl-Oskar Bohlin wrote on X, formerly known as Twitter.

“Once the operational phase is over, the government intends to gather the affected parties … to thoroughly evaluate this incident,” he wrote.

The Swedish Civil Contingencies Agency (MSB) said the attack should serve as a wake-up call.

“Sweden has digitalised very rapidly, but in general we have not invested as much time and resources into cybersecurity,” Margareta Palmqvist, head of information security at MSB, told Swedish news agency TT.

“It’s important to be prepared, to work preventively … so that you’re ready when something happens,” she said.



Click Here For The Original Source.

National Cyber Security