CyberSecurityBoard
Sponsor Register Login

Tietoevry ransomware attack causes outages for Swedish firms, cities

Finnish IT services and enterprise cloud hosting provider Tietoevry has suffered a ransomware attack impacting cloud hosting customers in one of its data centers in Sweden, with the attack reportedly conducted by the Akira ransomware gang.
Tietoevry is a Finnish IT services company offering managed services and cloud hosting for the enterprise.
Tietoevry confirmed today that the ransomware attack occurred Friday night into Saturday morning and has impacted only one of their data centers in Sweden.
BleepingComputer has learned that this data center is used for the company's enterprise-managed cloud hosting service, leading to outages for multiple customers in Sweden.
The company says that they are in the process of restoring infrastructure and services but that customers still remain impacted as they bring servers back online.
Tietoevry previously suffered a ransomware attack in 2021 that forced them to disconnect clients' services.
BleepingComputer has learned that the ransomware attack encrypted the company's virtualization and management servers used to host the websites or applications for a wide range of businesses in Sweden.
Sweden's largest cinema chain, Filmstaden, has confirmed that they are among those impacted by the attack, preventing online purchases of movie tickets through the website or mobile app.
Other companies impacted by the attack include discount retail chain Rusta, raw building materials provider Moelven, and farming supplier Grangnården, which was forced to close its stores while IT services are restored.
The outage is also impacting Tietoevry's managed Payroll and HR system, Primula, which is used by the government, universities, and colleges in Sweden.
The Primula outage has also impacted numerous government agencies and municipalities in Sweden, including the Statens servicecenter, the Vellinge municipality, Bjuv's municipality, and Uppsala County.
For Uppsala the outage is more significant as it also impacts the region's health care record system.
BleepingComputer has been told that the Akira ransomware operation is behind the attack on Tietoevry, coming soon after the Finnish government warned about their ongoing attacks against companies in the country.
The Akira ransomware operation launched in March 2023 and quickly began breaching corporate networks worldwide in double-extortion attacks.
The Finnish National Cyber Security Center disclosed this month that there were 12 reported cases of Akira ransomware attacks in 2023, with the majority happening late in the year.
Finland warns of Akira ransomware wiping NAS and tape backup devices.
Nissan Australia cyberattack claimed by Akira ransomware gang.
Researchers link 3AM ransomware to Conti, Royal cybercrime gangs.
Vans, North Face owner says ransomware breach affects 35 million people.
TeamViewer abused to breach networks in new ransomware attacks.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Sun, 21 Jan 2024 20:20:18 +0000


Cyber News related to Tietoevry ransomware attack causes outages for Swedish firms, cities

Tietoevry ransomware attack causes outages for Swedish firms, cities - Finnish IT services and enterprise cloud hosting provider Tietoevry has suffered a ransomware attack impacting cloud hosting customers in one of its data centers in Sweden, with the attack reportedly conducted by the Akira ransomware gang. Tietoevry ...
9 months ago Bleepingcomputer.com
Law Firms and Legal Departments Get Singled Out For Cyberattacks - Cyberattackers are doubling down on their attacks against law firms and corporate legal departments, moving beyond their historical activity of hacking and leaking secrets to targeting the sector with financial attacks, such as ransomware and ...
11 months ago Darkreading.com
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
9 months ago Bleepingcomputer.com
How Cybersecurity for Law Firms has Changed - The public nature of the legal system makes law firms particularly vulnerable to a growing number of cybersecurity risks. Law firms have unique access to highly confidential client information and as a result, face a growing number of federal, ...
10 months ago Securityboulevard.com
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
11 months ago Darkreading.com
Kasseika ransomware uses antivirus driver to kill other antiviruses - A recently uncovered ransomware operation named 'Kasseika' has joined the club of threat actors that employs Bring Your Own Vulnerable Driver tactics to disable antivirus software before encrypting files. Kasseika abuses the Martini driver, part of ...
9 months ago Bleepingcomputer.com
Law Firms are Raising the Bar on Cybersecurity - Corresponding with recent increases in threat actor activity in the legal industry, law firms are investing more time and attention in modernizing security operations. Both midsize and large law firms are increasingly engaging with cybersecurity ...
1 year ago Bluevoyant.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
10 months ago Securityboulevard.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
10 months ago Feeds.fortinet.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
10 months ago Unit42.paloaltonetworks.com
Akira ransomware gang says it stole passport scans from Lush The Register - Passport scans are routinely collected to verify identities during the course of the hiring process, which suggests Akira's affiliate likely had access to a system containing staff-related data. Company documents relating to accounting, finances, ...
9 months ago Go.theregister.com
Akira ransomware gang says it stole passport scans from Lush The Register - Passport scans are routinely collected to verify identities during the course of the hiring process, which suggests Akira's affiliate likely had access to a system containing staff-related data. Company documents relating to accounting, finances, ...
9 months ago Theregister.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
11 months ago Bleepingcomputer.com
Toronto Public Library outages caused by Black Basta ransomware attack - The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack. The Toronto Public Library is Canada's largest public library system, giving access to 12 million books through 100 branch libraries across ...
11 months ago Bleepingcomputer.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
11 months ago Helpnetsecurity.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
8 months ago Bleepingcomputer.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
10 months ago Bleepingcomputer.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
8 months ago Feeds.fortinet.com
The Evolving Landscape of Ransomware Attacks - 1.7 million ransomware attacks are happening every day. Many people think the virus has locked their computer, but it is actually the ransomware that has locked all their files. As the name ransomware suggests they are after ransom. Stealing or ...
10 months ago Cyberdefensemagazine.com
Ransomware's Impact May Include Heart Attacks, Strokes & PTSD - First-order harms: Direct targets of ransomware attacks. The increasing convergence of IT and OT leave physical infrastructures more vulnerable to ransomware, even though most ransomware operators lack the capability to directly compromise OT or ...
9 months ago Techrepublic.com
Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
9 months ago Malwarebytes.com
Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
9 months ago Securityboulevard.com
Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
10 months ago Bleepingcomputer.com
A Comprehensive Look at the Financial Firms in European Union and Their Rules on Cloud-Based Services - Today's technology has opened up a world of possibilities for financial firms, especially with cloud-based services. Financial institutions are now able to access a great deal of information over the internet in an efficient and timely manner. ...
1 year ago Tripwire.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)