July 5, 2021

One of the worst ransomware attacks in history spread worldwide on Saturday, forcing Swedish grocery chain Coop to close all 800 stores because it could not service its cash registers.

The closure of large food retailers followed the sophisticated attack on the Miami-based tech vendor Kaseya.

Ransomware criminals, known as REvil, are suspected of breaching Kaseya’s desktop management tool VSA and installing a malicious update that infects tech management vendors serving thousands of businesses.

Coop, one of Sweden’s largest grocery chains, a tool that allows you to remotely update your tills, was affected by the attack, so payments could not be accepted.

Kaseya technology was used by the Swedish company Visma Esscom, which manages servers and devices for a number of Swedish companies.

Rail traffic and a drugstore chain were also disrupted.

Kaseya said only about 40 of its customers were directly affected but did not comment on how many were vendors distributing the malicious software worldwide.

The FBI said it is coordinating with the U.S. Department of Cybersecurity and Infrastructure Security over the investigation into the matter.

The companies involved had encrypted files and received electronic messages demanding ransoms in the millions.

Experts said the timing of the attack, on Friday before a long U.S. holiday weekend, was designed to spread as quickly as possible while employees were not going to work.

For more information, read the original story in Reuters.