The group calls itself Datacarry, as SVT has previously reported, and demanded in connection with the cyberattack 1.5 bitcoins (equivalent to just over 1.5 million kronor) to refrain from publishing the stolen information.
This criminal group has existed for a relatively short time, says Marcus Murray, founder of the company Truesec, which is investigating the attack on Miljödata.
But people in such networks often change affiliation, so it doesn't have to mean that they are beginners, he points out.
He does not believe that the attackers had any great hope of getting any money, but rather that it is about showing what capacity they have to cause harm.
Cybercriminals, like other criminal groups, want to build up a violence capital, he notes.
Create anxiety
The fact that community-based systems are being targeted is a clear trend after the full-scale invasion of Ukraine and the Swedish NATO application, according to Marcus Murray.
One conclusion that can be drawn is that there is an interest in creating anxiety in our society and in reducing confidence in our public activities' ability to protect citizens' information.
Miljödata does not give interviews. On the company's website, it is neither confirmed nor denied that protected information has been leaked, but Miljödata emphasizes that there is no particular support for protected identity in the company's system.
Customers are advised not to transfer such information to Miljödata's various platforms, unless they are anonymized.
Pen and paper?
How can sensitive information then be protected? Is it a return to pen and paper that applies?
From Jonas Nilsson, information security strategist at the Swedish Association of Local Authorities and Regions, the answer is no.
Reversing digitalization in Sweden is not an option, he says.
Instead, municipalities and regions must strengthen security by making tougher demands on strategic suppliers of IT services and conducting more thorough follow-ups to ensure that the requirements are met, he believes.
That each municipality should handle this on its own, Jonas Nilsson thinks is unrealistic. His proposal is that the National Cyber Security Center takes on the task.
I think we should be able to cooperate better in Sweden to achieve a better basic level when it comes to information and cyber security.
Cecilia Klintö/TT
Facts: The cyberattack on Miljödata
TT
On August 23, an IT attack was carried out against the system supplier Miljödata, which, among other things, has 80 percent of the municipalities as customers.
Regions, authorities, and private organizations also use Miljödata's systems for handling, among other things, labor law cases, rehabilitation cases, as well as handling work injuries and incidents.
The group behind the cyberattack gained access to information about hundreds of thousands of people, for example, all employees in the City of Stockholm and Region Skåne.
This includes information such as personal identity numbers, phone numbers, addresses, email addresses, employment IDs, occupations, and positions.
On September 14, the information was published on the darknet.
The incident is being investigated as gross data intrusion and attempted gross extortion.
