by Camilla Nothhaft
Lund University, Sweden
“Bring back the cosy days of the pandemic, please,” a colleague with family in Russia recently said. We thought the pandemic was the trauma that would mark the current generation. But worse was to come. Not in numbers of dead, but in terms of threat to the whole world, the Ukraine crisis has already eclipsed the pandemic. There is no pause anymore, it seems. Crisis starts to be the new normal. Beck’s analysis of the risk society (1992), thirty years old, is truer than ever.
We can see that, without denying the awful consequence of the Covid-19 crisis, one of the pandemic’s few positive side-effects is that our societies have become more adept at dealing with crises, cope better with shocks, adapt quicker to new situations. Our society is more solidaric, our institutions more resilient. As for organizations, the pandemic forced many to get their crisis organization straight, their communication in top shape. The case of the Swedish grocery chain Coop illustrates how a company benefitted from its pandemic-preparedness when it was hit by another crisis.
In July 2021 one of Sweden’s largest grocery chains, locally-oriented Coop, was cyber-attacked by criminals. The blackmailers installed ransomware in Coop’s IT-system and told the company: if you want your cash-desks to work again, you’d better pay up. But Coop stood up to the bullies. The company refused to pay, closed down 700 of its 800 shops for almost a week, and solved the problem on its own.
A full week, it must be seen, is a long downtime for a neighbourhood food store. Not only did the company, with net sales of about 250 million Euro per year, lose revenue. In some thinly populated areas, the local Coop is the only grocery in a thirty-mile radius. There was a real chance of letting people down, of doing damage. But when the issue was resolved, Coop and its brand emerged stronger than ever. How did they do it? How did they communicate? Helena Esscher was Coop’s press spokesperson at the time of the attack. In our Campus Helsingborg StratComPod, soon to come, Helena shared her inside experiences.
But let’s begin with the outside view, through the eyes of the customer. For me, as a Coop regular, the crisis started on a morning in July with dangerously low milk levels in the fridge. Being sloppy shoppers, me and my family often run over to our neighbourhood store, as essentials run out. But when I made the trip that morning, the familiar green door did not slide open. A remarkable sign explained why. As a tea drinker in dire need of milk, I was stunned; as a strategic communication scholar, impressed. This shop is closed due to major IT disruptions, the sign read. Clearly, Coop was not mincing its words.
For Helena Esscher at Coop, the crisis started barely twelve hours earlier. The evening before, Helena was at home surfing social media, when she noticed a post in the countrywide Facebook group for Coop employees. Someone asked whether others also had trouble processing payments. “The cash registers are broken,” replied a colleague. Soon, similar reports came from everywhere in the country. Helena called the press-jour to confirm that her colleague on call was informed. Yes, she was. Two local journalists had called already. At about the same time, the real-time sales monitoring by the economy department picked up a massive drop. Cash flow was collapsing. Then the IT department received reports about systems going down everywhere. It was 20.00. Some Coop stores are open until 23.00.
At 21.00, the first crisis meeting took place. It was led by the IT department together with the press department. They soon understood the magnitude of the problem. At 22.00, Coop activated the crisis organization and held the first meeting with top management, IT, security and communication. After that, they called a meeting every second hour. In the meanwhile, the IT department tried to localize the problem. It soon became clear that it was a ransomware attack. Hackers had locked the system and demanded money.
At around 03.00 in the morning, an alternative to paying was on the table. IT realized the only way to solve the problem was to physically shut down. The top management took the decision: yes, close the shops, pull the plug. During the coming day, the IT-people would understand that the solution lay in restarting every cash-desk, manually, one by one.
The crisis team decided very early to be transparent, tell openly what had happened. Openness and transparency are textbook crisis communication, of course. But where does one draw the line? What must be told, and what cannot be told? Helena believes the willingness to be exceptionally open and transparent came from a change in self-perception – a change catalyzed by the pandemic. During the early days of the Covid-crisis, the government decided to declare food retail a “vital sector” for the community. For example, it would mean the authorities would commandeer Swedish Railway trains to deliver food to stores in the countryside if regular food logistics broke down. The local grocery store, especially in thinly populated areas, was a societally critical institution.
Moreover, thanks to the pandemic, internal communication was not a problem. Coop had established channels to reach its 22 000 employees quicker and more reliable. These channels were familiar to everyone; Coop employees were switched on. The signs that were put up at the shops were sent via the ordinary channels for marketing and other visual materials: special offers on Avocados one day, ransomware the next. As it was during pandemic days, regular newsletters provided employees with up-to-date information, sometimes twice daily.
Journalists kept calling, of course, and it was overwhelming. Helena, who didn’t have the jour during the night, was woken up by a journalist at 7.00. He couldn’t reach the press jour; the line was constantly taken. During the first weekend, the Coop press department – Coop is not normally accustomed to global interest – received about 200 calls from media all over the world. Numbers notwithstanding, the most important task was to deliver the same message to everyone, to control the narrative. And that narrative was simple. Ransomware attacks were a societal threat, not a Coop issue. Coop didn’t do anything wrong, but individuals in shops were working day and night to solve the situation. What happened to the stuff in the shops, journalists wondered. One of the solutions was to sell off perishable food to Coop’s competitors.
In the podcast interview, Helena emphasizes how more than 15 years of experience in news helped her to stay a step ahead, and for the press team to be proactive, provide material that shapes perceptions – like, for example, a CEO interview.
After the crisis Coop ran a billboard campaign thanking all the customers and asking the rhetorical question: How does one get through a global IT attack? The answer was: Together. It was a genius tagline, but it was not empty wordplay. Throughout the crisis, Helena’s organization enforced a strict policy that internal and external stakeholders would always receive the same information. In 2021, with a pandemic-hardened population, there was no need to pretend that everything was alright. After two years of Covid, people had seen worse.