Major Swedish supermarket chain hit by cyberattack

  • A less horrible link with more content and fewer ads:

    https://www.voanews.com/europe/major-swedish-supermarket-cha...

  • The impact is that 20% of Sweden's food supply is locked out. This is larger than what it seems, not just for Swedish meatballs - the underlying Kaseya hack is global.

    It's truly scary that you can get into these kinds of situations (completely relying on a 3rd party IT), but it's also very costly to have a doubled setup :/

  • Swedish media is reporting that this is part of the Kaseya hack; Coop's hosting partner Visma Esscom was using Kaseya's remote management tool.

  • Interesting detail (Swedish language) https://www.dn.se/ekonomi/global-utpressningsattack-bakom-st...

        They are victims of a ransom attack, it's spread through the software in the checkout tills.
        There is a message on the client, for example on the till when you log in.
    
    This sounds a bit weird, but..

  • For you security folks out there, are salaries spiking yet? Has this impacted the market at all?

  • Why was this predicted a year ago by NGOs [1]? Do they have some special insight into this that cyber security specialists didn't? Are these kinds of supply-chain attacks at this scale new, or newly enabled? Is this a technically impressive attack, or is this just a bunch of backdoors?

    [1] https://unlimitedhangout.com/2021/02/investigative-reports/f...

    Quotes below are from a different article from a source that HN won't let me post. Looks like only conspiracy theory sites are applying any scrutiny to this.

    > "The simulation, called Cyber Polygon 2021, was announced by Russia’s largest state-run bank Sberbank in February.

    > “The key message voiced by experts at WEF and other international platforms is that supply chain security is to become a major cybersecurity issue in 2021,” Sberbank stated. "

  • Having cashier machines that do not work offline is a bad idea. Closing almost all stores sounds expensive.

  • This is not good.

    OTOH until the incident is resolved one could instead go shopping at ICA, Hemköp, City Gross, ÖoB, Tempo or independent stores.

    I guess the customers that are hit the hardest are the ones who aren’t mobile and only have a Coop store nearby.

  • When is the government going to do pentesting on a large scale? It seems the only way to protect against these attacks.

  • Beeb link fwiw (I assume this is the same co-operative movement as in the UK)

    https://www.bbc.co.uk/news/technology-57707530

  • Another source in English: https://www.thelocal.se/20210703/major-swedish-supermarket-c...

  • How do the attackers get into their network? Is it due to compromised Windows servers?

  • Related Ask HN thread – “What is your ransomware mitigation strategy?” https://news.ycombinator.com/item?id=27718990

  • Why is MFA supposed to be so much more secure? Aren’t they just sending an authentication hash just like password only? Haven’t these solutions been hacked too? Or am I missing something?

  • Related Ask HN: https://news.ycombinator.com/item?id=27415813

  • Doesn't Visma have pretty good security in general?

    They are big on integrity at least.

  • Maybe using Windows + associated ecosystem for critical, embedded and control systems isn't and has never been a particularly stellar idea.

  • The real issue is how everyone in the comments is actually more of an issue than the attacker. You all refuse to stop censoring and ignoring and shunning the thousands of people who publicly predicted these attacks... The WEF told us this "would happen" - but anything that is a "conspiracy theory" turns into the only story you're not allowed to tell.

  • Cryptocurrencies need to be banned to help stop these attacks. If corporations in the West cannot buy the coins legally, they will not be able to pay the ransoms, and the attack frequency and intensity will fall.

    On top of that, we'll also reduce electricity and computer chip waste, since mining activity will decrease as the price plummets.

    It's a lot harder to justify huge attacks when your payment is in gift cards, compared to semi-anonymous crypto that can be cashed out in your 2nd world country of choice.