Cybersecurity NewsNewsTech News

Tietoevry Suffer Ransomware Attack: Forces Swedish Firm and Cities to Shutdown

Loading

Tietoevry recently revealed it suffered a ransomware attack between Friday night and Saturday morning. The Finnish IT service and enterprise cloud hosting provider said the attack affected its clients in Sweden.

As per the press release, the firm confirmed that the attack was on one part of its Swedish data centers and affected a few customers in the county. Reports also stated that the company used the data center to manage its cloud hosting service, further aggravating the impact.

Nonetheless, Tietoevry said it is working hard to restore its system and reverse the impact. They said they were “following a well-tested methodology to restore infrastructure and services.” Additionally, they claimed the reason for sticking to the current gradual restoration plan was to ensure the correct handling of customer data. It concluded the statement by stating that the restoration may take time as it depends on “the solutions in question and the related data restoring needs.”

The attack affected the company’s virtualization and management servers used to host the websites or applications for a wide range of businesses in Sweden. As a result, Sweden’s biggest cinema chain, Filmstaden, confirmed that the assault prevented customers from buying movie tickets online.

Akira Could be Behind the Attack on Tietoevry

Many reasons point to Akira as the main culprit in the attack. The most glaring is the fact that the Finnish government warned about the group’s ongoing actions against companies in the country. To this effect, the Finnish National Cybersecurity Center (NCSC) disclosed earlier that there were 12 reported cases of the ransomware group attacks in 2023, with the majority happening late in the year.

The attacks began in March 2023 when the group began beaching corporate networks worldwide in double-extortion attacks. One of their biggest exploits since the start of their most recent campaign was the attack on Cisco VPN accounts.

Related Articles

Back to top button