January 21, 2024 at 03:15PM
Finnish IT services provider Tietoevry faced a ransomware attack affecting a Swedish data center, impacting its cloud hosting customers. The attack was isolated, but caused widespread outages for multiple Swedish businesses, including the largest cinema chain and government agencies. The ransomware gang Akira is allegedly responsible, with cases of their attacks reported by the Finnish National Cyber Security Center.
From the meeting notes provided, there are several key takeaways:
1. Tietoevry, a Finnish IT services and enterprise cloud hosting provider, experienced a ransomware attack that impacted a data center in Sweden, causing outages for multiple customers, including businesses such as Filmstaden, Rusta, Moelven, Grangnården, and the managed Payroll and HR system, Primula, used by government, universities, and colleges in Sweden.
2. The ransomware attack was reportedly conducted by the Akira ransomware gang, which has been targeting corporate networks worldwide since its launch in March 2023.
3. The attack utilized the Akira ransomware to encrypt the company’s virtualization and management servers, resulting in widespread outages and data encryption.
4. Tietoevry is in the process of restoring infrastructure and services, following a well-tested methodology to ensure the correct handling of customer data. However, the time schedule for restoration varies depending on the customer, the solutions in question, and the related data restoring needs.
5. The Finnish National Cyber Security Center has warned about the ongoing attacks by the Akira ransomware gang, which targets weakly secured Cisco VPN implementations or unpatched vulnerabilities.
If you need further details on any of the above points or if there are additional specific questions, please let me know, and I will be glad to assist.