IT systems of several companies worldwide, including 800 physical grocery stores owned by Sweden’s Coop that were shut down after an attack by REvil ransomware, could take weeks to recover, cybersecurity experts say.
Hackers from the REvil Cybercrime Gang broke into the systems of the IT company Kaseya and malicious software reached its resellers and end customers such as Coop, who used the software.
The ransomware locked data in encrypted files when hackers demanded $70 million on Sunday to recover the data.
The REvil hackers claimed that one million computers were compromised.
Grocery chain Coop was forced to close hundreds of stores on Saturday because its tills are operated by Visma Esscom, which manages servers for a number of Swedish companies and is itself a customer of Kaseya.
Coops payment service providers must physically go into all stores and manually restore payment machines from backups.
Meanwhile, the hackers created a channel for negotiations with the victims of the ransomware attack.
In the online chat room, a representative for a REvil subsidiary said the hackers had no regrets about forcing Coop to close.
For more information, read the original story in Reuters.
