Posted on 09/03/2025 11:33:12 PM PDT by nickcarraway
Ransomware hits Sweden:
A ransomware attack on Swedish IT supplier Miljödata has paralysed up to 164 councils, four regions and other organisations, with police and cybersecurity teams investigating after hackers demanded 1.5 Bitcoin, around 1.5 million kronor (€128,000).
Sweden is still reeling today after a ransomware attack on IT supplier Miljödata left councils, regions, universities and private firms in digital paralysis.
Most Read on Euro Weekly News
France tells hospitals to be war-ready by March 2026
Lisbon tram derailment leaves 15 dead
German AfD suffers multiple candidate deaths Early reports suggested that around 200 municipalities and regional governments were caught up in the hack. However, updated figures from Swedish authorities later confirmed that 164 municipalities and four regions were directly affected. When universities and private organisations that also rely on Miljödata are included, the total rises to around 250 clients.
The attack was detected on Saturday August 23, but 164 municipalities and four regions are officially confirmed to have been hit. When other clients are included, up to 250 organisations are thought to be affected.
Systems in meltdown Miljödata provides HR systems that keep Sweden’s public sector running. Those systems are either frozen or limping along. In Halland, sick-leave and workplace injury platforms remain down. As reported in the Sweden Herald, Gotland admitted four critical systems are still offline, covering everything from medical certificates to rehabilitation plans.
“Region Gotland is one of many regions and municipalities that are affected,” said HR Director Lotta Israelsson, confirming the island’s services remain disrupted and that officials were in “continuous contact with the supplier.”
Citizens on edge Some regions have warned that personal data may have been compromised, although the extent of the breach is still unknown. Authorities are investigating whether sensitive files were exfiltrated or simply locked up.
Civil Defence Minister Carl-Oskar Bohlin said the government was “in close contact with the relevant authorities.” The country’s national cybersecurity centre and CERT-SE are leading the technical response, while police officers pursue the criminals behind the hack.
A bargain-bin ransom, costly chaos The attackers demanded just 1.5 Bitcoin, around 1.5 million kronor (€128,000). That relatively small figure suggests this was not the work of one of the world’s heavyweight ransomware gangs but rather a smaller group that landed an outsized punch.
Still, the fallout is colossal. “The attack in Sweden shows the reality that for cyber criminals, targeting supply chain vulnerabilities is one of the most effective levers to cause disruption at scale,” said Andrew Lintell of Claroty, speaking to IT Pro.
“Due to the cascading effect of supply chain attacks, threat actors can cause widespread damage affecting businesses and their customers all at once.” Juhan Lepassaar, Executive Director of the EU Agency for Cybersecurity (ENISA).
Why this matters beyond Sweden
Ransomware is not just a Swedish headache. Across Europe, attacks have spiked. According to the EU Agency for Cybersecurity (ENISA), ‘ransomware has been, once again, one of the prime threats during the official reporting period, with several high profile and highly publicised incidents.’
Public institutions are particularly vulnerable because they often rely on older systems and tight budgets that leave little room for advanced cyber defences. Criminals know that councils and hospitals cannot afford downtime, making them soft targets for extortion. Analysts warn that unless governments harden their supply chains, every EU member state could face the same kind of paralysis Sweden is enduring today.
Déjà vu for Sweden
This was not the first time Sweden was hit. In 2024, IT giant Tietoevry was crippled by a similar strike, again targeting HR systems.
The lesson is chilling. One breach at a single supplier can send shockwaves through an entire nation. Sweden’s cyber nightmare is far from over, and officials admit the full damage may not be known for weeks.
The growing danger of cyber attacks across Europe
In today’s Europe, the battlefield is no longer just fought with tanks and troops but with keyboards and code. Cyber attacks can freeze hospitals, shut down councils and expose private data in a single strike, leaving millions vulnerable. Experts warn that a lone criminal group with a laptop can now cause chaos once reserved for state armies, proving that digital warfare has become one of the greatest threats facing modern Europe.
The World Economic Forum’s Global Cybersecurity Outlook 2025 says that supply chain vulnerabilities are still the top risk facing big organisations, with 54 per cent citing them as their biggest cyber barrier.
What it means for you
How safe is Europe’s public data if one supplier can bring entire regions to a standstill?
Should councils and governments spend more on cyber defence, even if it means higher taxes?
If hackers can freeze hospitals and HR systems today, what’s stopping them targeting power grids or transport tomorrow?
Why are ransom demands sometimes so small – are amateurs getting lucky or are cyber gangs testing the waters?
Is Sweden just the warning shot, with the rest of Europe next in line for a cyber ambush?
Stay alert, stay informed
Cyber crime is no longer a distant threat, it is happening here and now, paralysing entire countries. Follow the Euro Weekly News for the latest updates on Sweden’s ransomware crisis and what it means for Europe’s digital security. Dive into our Swedish News in English section now.
Hopefully the Swedes recover soon.
“We are sorry, but the government is unable to pay your government salary / pension / welfare, until further notice.”
There is enough information regarding nameservers, hub traffic and other 'esoteric' info not in the public eye to find and end this.
If that is true why can’t we find the cyberattackerswho attack our US businesses and hospitals.
They’ve been found out multiple times.
Several groups are just chancers. But several other groups are operated by or funded by the Putin regime. This includes groups working across Russia, China and North Korea.
I actually got to chat with one of the Russian people involved a few years back (I worked in cyber defense). He was based out of a town in the Russian Caucasus. His attention was on medium and low level organisations ranging from pharmacy chains to sheriff’s departments in the USA. He used ransomware as a service. He said American cyber security outside of the largest federal systems is still almost as crap now as it was when Matthew Broderick starred in Wargames.
Imagine the reaction earlier this year when potus suddenly defunded the very organisations monitoring these groups, presumably because he doesn’t want to offend Putin by confronting Russia over the >20 years of cyber warfare it’s been conducting.
Russia was cyber attacking NATO and EU countries even while its leadership was VIP guests at NATO headquarters, and Russia was STILL enjoying its unearned free seat at the Council of Europe.
That’s what makes Trump’s kid gloves treatment of
Putin all the more bizarre. Putin literally says he isn’t the aggressor at the same time as ordering attacks on American digital infrastructure... With zero comeback.
“Putin literally says he isn’t the aggressor at the same time as ordering attacks on American digital infrastructure... With zero comeback.”
Trump doesn’t telegraph his punches.
Ask Iran or Maduro.
L
An excellent question, which I answer with an open guess.
In this world, while small and the internet "trackable" in many ways, not all nations are open with the West these days, not all nations will "deal" and not all nations would extradite, if asked.
Additionally, as we have seen with those Obama "burrowed in" bureaucrats and judges blocking President Trump repeatedly, there is a chance some even here in these United States participate in worldwide fraud.
Too many blocks, I imagine, stand in the simple path of tracking down and stopping this sort of crime.
After all, our marvelous enforcement entities "couldn't" figure out how cocaine was found in the White House....
It’s the RUZZIANS!!!!!! It’s GOT TO BE THE RUZZIANS!!!!
With ZERO evidence. Just like Vandercrazy’s plane having its GPS jammed (now debunked, by the way), or that poor Ukrainian Nazi being assassinated (now debunked, by the way). And that was just in the past week.
Track back digitally, identify the host nation(s), require extradition and prosecute. Wherever they are.
“He said American cyber security outside of the largest federal systems is still almost as crap now as it was when Matthew Broderick starred in Wargames.”
It seems like an easy target for organized crime of any sort.
The capos gotta earn!
Agreed. Wholeheartedly.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.