The hacker group Akira, with connections to Russia, is suspected of being behind the so-called ransomware attack this weekend where the Finnish IT provider Tietoevry was hit by an extortion virus.
Something that has led to major problems for a number of Swedish authorities, regions, municipalities and companies.
This type of crime is difficult to investigate, partly because, according to the police, international groups are behind it.
Since the criminal code for data breaches using malicious code for the purpose of extortion was introduced in 2020, no prosecutions have been brought for the crime in Sweden.
- There will be no prosecution here in Sweden when we see that the perpetrators are abroad.
But the evidence that is collected here is of the utmost importance, because otherwise you cannot solve the puzzle internationally and arrest people there, says Björn Eriksson, head of complex cybercrime group NOA.
Lockdowns and arrests abroad
He gives examples of when Swedish police have contributed, such as when the extortion network Hive was shut down last year in an operation coordinated by Europol, which also led to several arrests.
- We have a number of ongoing major operations where we are involved right now internationally where we will work to take down groups and their infrastructure, says Björn Eriksson.
- So it is of the utmost importance that you report and that you don't think that a closed Swedish case is wasted.
Unknown how many Swedish companies pay
The crime costs the victims around the world many billions and the blackmailers can earn large sums as some of the victims pay to regain access to their systems.
- Based on what we see, Swedish companies rarely choose to pay.
The problem is that we have such a gigantic number in the dark, that there are very few who report.
- If you then look at those who choose to pay, there are probably even fewer who choose to report, because then you don't want to go out with the fact that you have paid, says Björn Eriksson, group manager NOA.