It is still difficult to estimate the scale of this cyberattack which is already affecting several continents.
Hackers have attacked US company Kaseya to demand ransom from potentially more than 1,000 companies through its software, already shutting down 800 stores in Sweden.
The attack paralyzed the checkouts of Coop Sweden, one of the largest supermarket chains in the country, which had to suspend its activity on Saturday.
Also called "ransomware", this type of computer program exploits a company's security holes to paralyze its computer systems and then demand a ransom to unlock them.
Kaseya, who on Saturday described the cyberattack as "sophisticated", assures that it was confined "to a very small number of customers".
Friday evening, the company explained that it had noticed a possible problem with its software at midday on the East American coast.
The company estimated that "less than 40 customers worldwide" were affected.
But the latter themselves provide services to other companies.
According to the computer security company Huntress Labs, “more than 1,000 companies” have been affected by this ransomware.
Ransomware attacks become frequent
The US Agency for Cybersecurity and Infrastructure Security (CISA) "is closely monitoring the situation," said Eric Goldstein, head of cybersecurity within the organization.
"We are working with Kaseya and we are coordinating with the FBI to carry out awareness actions with victims who may be affected," he added.
Ransomware attacks have become frequent and the United States has been particularly hit in recent months by attacks affecting large companies such as meat giant JBS and the oil pipeline operator Colonial Pipeline, as well as local communities and companies. hospitals.
But usually, "cybercriminals operate business by business," recalls Gérôme Billois, cybersecurity expert at the consulting firm Wavestone.
"In this case, they attacked a company that provides computer systems management software, which allows them to simultaneously reach several dozen or even hundreds of companies," he explains.
Read also Gangs, extortion and ransomware ... Investigation into very organized gang hackers
The nature of the attack is similar to that used with computer management software publisher SolarWinds, which affected US government organizations and businesses by the end of 2020. Except that the latter, attributed by Washington to the Russian secret services, was rather "in a logic of espionage, while we are here in a logic of extortion", underlines Gérôme Billois.
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/WQEEUVRP3BB57M7LND37U7VREE.png)
