The Swedish Coop grocery store chain closed all its 800 stores on Saturday after a ransomware attack on American IT provider Kaseya left it unable to operate its cash registers.
Hundreds of American businesses were hit on Saturday by an unusually sophisticated attack that hijacked widely used technology management software from Miami-based supplier Kaseya.
According to Coop, one of Sweden’s biggest grocery chains, a tool used to remotely update its checkout tills was affected by the attack, meaning payments could not be taken.
“We have been troubleshooting and restoring all night, but have communicated that we will need to keep the stores closed today,” Coop spokesperson Therese Knapp told Swedish Television.
The Swedish news agency TT said Kaseya technology was used by the Swedish company Visma Esscom, which manages servers and devices for a number of Swedish businesses.
State railways services and a pharmacy chain also suffered disruption.
“They have been hit in various degrees,” Visma Esscom chief executive Fabian Mogren told TT.
Defence Minister Peter Hultqvist told Swedish Television the attack was “very dangerous” and showed how business and state agencies needed to improve their preparedness.
“In a different geopolitical situation, it may be government actors who attack us in this way in order to shut down society and create chaos,” he said.
In Friday’s attack, the hackers changed a Kaseya tool called VSA, used by companies that manage digital services for smaller businesses.
They then simultaneously encrypted the files of those providers’ customers, promising to decrypt them in return for payment.