Russian hackers, rockin’ Sweden with cyber attacks

January 23, 2024
1 min read

TLDR: Russian hackers suspected of carrying out a ransomware attack in Sweden have disrupted online services at government agencies and shops. IT consultancy Tietoevry, which provides online security systems, said the attack could take weeks to fix. The attack impacted the country’s biggest cinema chain, department stores, and shops, as well as the centralised human resources system used by Sweden’s national government service centre. Tietoevry has filed a police complaint regarding the attack, which is believed to have been carried out by the hacker group Akira, with ties to Russia. The Swedish Civil Contingencies Agency has said the attack should serve as a wake-up call for increased investment in cybersecurity.

Key points:

  • Russian hackers suspected of carrying out a ransomware attack in Sweden
  • Tietoevry, which provides online security systems, said the attack could take weeks to fix
  • Attack disrupted online services at government agencies and shops
  • Hacker group Akira, with ties to Russia, believed to be responsible
  • Swedish Civil Contingencies Agency calls for increased investment in cybersecurity

Online services at some Swedish government agencies and shops have been disrupted in a ransomware attack believed to have been carried out by a Russian hacker group, IT consultancy Tietoevry said. The Swedish-Finnish group, which provides online security systems, said the problem could take weeks to fix. It said one of its data centres in Sweden was attacked overnight Friday to Saturday, knocking out online purchases at the country’s biggest cinema chain as well as some department stores and shops. The centralised human resources system used by Sweden’s national government service centre (Statens Servicecenter) was also affected, making it impossible for public sector employees to declare their overtime hours, sick leave or holiday requests.

“Considering the nature of the incident and the number of customer-specific systems to be restored, the restoration process may extend over several days, even weeks,” Tietoevry said in a statement issued late Monday.

“120 government agencies and more than 60,000 employees” were affected by the attack, Statens Servicecenter spokeswoman Caroline Johansson Sjowall told AFP.

Tietoevry and other cyber security experts have pointed the finger at hacker group Akira, which has ties to Russia. Tietoevry said it had filed a police complaint regarding the attack, the financial impact of which it “was not able to fully assess” yet. The company has provided no information about a ransom demand.

“Cybersecurity must be a priority for all of society, both the public and private sector,” Civil Defence Minister Carl-Oskar Bohlin wrote on X, formerly known as Twitter.

The Swedish Civil Contingencies Agency (MSB) said the attack should serve as a wake-up call. “Sweden has digitalised very rapidly, but in general we have not invested as much time and resources into cybersecurity,” Margareta Palmqvist, head of information security at MSB, told Swedish news agency TT. “It’s important to be prepared, to work preventively … so that you’re ready when something happens,” she said.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and