unsaveSave
Stolen data is up for sale on Russian hacker forums, Aftonbladet’s review shows.
But the companies neither dare to speak out openly nor report to the police.
– It is unpleasant, troublesome and disturbing, says a business owner.
By contacting hackers who sell various data breaches in closed Russian hacker forums, Aftonbladet has obtained a list of the Swedish organizations and companies that can be hacked.
– I have called our IT guy and have taken preventive measures, says the CEO of a company that was on the hackers’ list.
“Moving on with life”
Aftonbladet has been in contact with all the companies on the list – including a school and a university – but only two of them agree to be quoted.
– It is sad that criminals feel free to hack without any penalty. The only thing we can do is take safety measures, says a business owner of an interior design store.
It is not the first time that the interior design store’s website has been hacked. Most recently, the store was subjected to something called black digital marketing. Then the entire website content was linked to Japanese sites.
Have you filed a police report?
– No, it’s just bullshit! We just clear the virus, restore everything and move on with life. What should the police do?
expand-left
full screen Photo: Øijord, Thomas Winje / NTB
Less than three percent report to the police
Less than three percent of the companies that have been exposed to hacker attacks file a police report, according to Jan Olsson, criminal inspector at the national IT crime center within Noa.
– The companies don’t want it to come out because then the customers choose to go elsewhere, says Olsson.
The picture is confirmed by the companies and universities themselves.
– I want to remain anonymous because it is bad marketing for us when people find out that we have been hacked. It is not good that our information is out for sale on the darknet, says the owner of the interior design store.
“Nobody wants to take responsibility”
It is the companies’ own responsibility to protect themselves against data breaches. The police get involved when a hacker attack has already taken place and an investigation has begun. Therefore, it becomes problematic for the police if the attacks are not reported.
– Then we cannot get more resources to counter hackers and thus be able to do more to prevent it, says Olsson.
But the companies think differently.
– Nobody wants to take responsibility. The police do not have those resources. Should they investigate murder or someone who was hacked? says the owner of the interior design store.