Sweden Needs More Time to Recover From Series of Cyberattacks: What Did Akira Ransomware Gang Do?

Sweden was warned earlier this month about the risk of military conflict in the region.

In the aftermath of a widespread ransomware assault orchestrated by the Akira group on a Tietoevry Oyj data center, the computer systems of numerous Swedish government agencies face prolonged interoperability, potentially lasting weeks.

The gravity of the situation was underscored by Carl-Oskar Bohlin, Sweden's civil defense minister, during a news conference where he revealed the extensive impact on payroll processing and the consequential disruptions across hospitals, cinemas, and various businesses.

The incident has also triggered 178 reports of potential personal data breaches since its occurrence over the weekend.

Hybrid Threats Loom as Sweden Nears NATO Membership

Sweden Needs More Time to Recover From Series of Cyberattacks: What Did Akira Ransomware Gang Do?
Akira, a notorious ransomware gang has attacked the Tietoevry, a Finland-based IT service provider in Sweden. However, the damage was so serious that it might take weeks to recover. Mika Baumeister from Unsplash

As Sweden stands on the verge of securing NATO membership following approval from Turkey, officials caution about the looming specter of hybrid attacks, including cybercrime.

According to Bloomberg, the recent ransomware onslaught serves as a stark reminder of the evolving threat landscape faced by the Nordic country.

It was only in 2023 when Finland, its neighboring country, joined NATO. However, it immediately felt the attacks that Russia fired in its hybrid operations. The asylum seekers were also affected by the attacks.

"We are dealing with a very serious incident, and we don't know the full extent of it yet. The government views the situation very seriously, not least against the backdrop of the grave security policy situation that Sweden is in," Bohlin said.

Uncertainty Surrounds Attack Origin

Despite escalating concerns and the potential geopolitical implications, Carl-Oskar Bohlin refrained from commenting on the origin of the attack, emphasizing that the investigation is in its early stages.

The dual motives of such cyberattacks, driven either by economic interests through ransom demands or political motives involving state actors, further complicate the attribution process.

As Sweden grapples with the fallout, there is a pressing need for swift and effective cybersecurity measures to thwart future attacks and safeguard critical infrastructure.

Akira Steals Massive Data From Lush

In another story by The Register, the same group, the Akira ransomware gang attacked the UK-based cosmetics giant Lush. At that time, over 900 stores worldwide suffered from the "cybersecurity incident."

The authorities said that some personal documents were stolen. Allegedly, these include passport scans from the users.

The last time that Lush shared information about the incident was on Jan. 11. It was working with forensic experts as part of the investigation.

In late 2023, the Akira ransomware group accessed the network systems of Nissan in Australia and New Zealand. The threat actors took responsibility for the attack later on.

Akira had reportedly stolen 100 GB of data that belonged to Nissan and its employees. It even threatened the automaker to pay the ransom or else it would leak all the sensitive information.

Joseph Henry
Tech Times
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics