France: Security officials fear Russian hacking attack
February 15, 2021
Officials believe that a series of hacking attacks between 2017 and 2020 appear to have been carried out by Sandworm, a group suspected of being closely connected to Russian military intelligence.
Image: Nicolas Asfouri/AFP/Getty Images
Advertisement
France's national cyber security agency said on Monday that several organizations had been targeted by hackers in cases that bore similarities to other attacks by a group linked to Russian intelligence.
Officials said they exploited a vulnerability in monitoring software sold by French group Centreon.
The firm lists several blue-chip French companies as clients, such as power group EDF, defense group Thales, or oil and gas giant Total.
None of those companies were cited in the revelations by the French National Agency for the Security of Information Systems, known by its French acronym ANSSI.
French oil giant Total is a cilent of the software firm that was targeted, although authorities said 'information technology' companies were the main targets in this caseImage: Reuters/R. Duvignau
The French ministry of justice and city authorities such as Bordeaux are also named as Centreon customers on the group's website, but they did not appear to have been compromised, according to a statement on the incident.
"This campaign mostly affected information technology providers, especially web hosting providers," said ANSSI in a report.
It said "a backdoor" on several Centreon servers gave the hackers access to its networks.
"This campaign bears several similarities with previous campaigns attributed to the intrusion set named Sandworm," said the report.
Who are Sandworm?
Sandworm is a group of hackers believed to be close to Russian military intelligence.
The report, entitled "Sandworm Intrusion Set Campaign Targeting Centreon Systems," was released on Monday.
It gave technical details about how the hackers gained access to the Centreon servers. The hacking attacks took place between 2017 to 2020, ANSSI added.
In 2018, Sandworm hacked two of Germany's major public broadcasters, ARD and ZDF.
The US expelled 35 Russian diplomats over a bitter row between the two countries. The Kremlin denied US intelligence reports that it supported hackers who tried to sway the outcome of the 2016 presidential election.
Image: Getty Images/AFP/K. Kudryavtsev
Democrats in the dark
Over the summer, a security company hired by the Democratic National Convention tells the DNC that they have been successfully infiltrated by hackers for more than year. Two groups, known as Cozy Bear and Fancy Bear, both have links to the Russian government, the Washington Post reports.
Image: Reuters/M. Kauzlarich
All eyes on Russia
At the end of July, the FBI launches an investigation into whether or not the Russian government ordered the DNC hack. Kremlin spokesman Dmitry Peskov calls the move "paranoid."
Image: picture-alliance/dpa
'Russia, if you're listening'
On the campaign trail, Republican nominee Donald Trump encourages Russia to "find the 30,000 emails that are missing." In a series of debates with rival Hillary Clinton, Trump casts doubt on Moscow's role in hacks that targeted the DNC and Clinton's campaign manager, John Podesta.
Image: Reuters/J. Ernst
WikiLeaks targets Clinton
Anti-secrecy website WikiLeaks begins releasing slightly compromising emails from Clinton campaign chairman John Podesta. Co-founder Julian Assange defends targeting Clinton, saying Trump's own statements are indictment enough of the Republican nominee. Over a period of months, WikiLeaks consistently denies allegations that its sources are based in Russia.
Image: Reuters/A. Schmidt
CIA, FBI investigations
In a rare moment of complete agreement for the two biggest intelligence agencies in the US, both the FBI and CIA come to the conclusion that the Russian government sought to influence the US election by promoting unfavorable coverage of Hillary Clinton.
Image: Alex Wong/Getty Images
Donald and Vladimir
Trump, who has made no secret of his admiration for Russian President Vladimir Putin, calls the intelligence reports "ridiculous." Anti-Clinton voices slam the probe as a distraction meant to discredit the now president-elect. This puts Trump at odds with Republicans in Congress who call for an independent investigation.
Image: picture-alliance/dpa/S. Thew & A. Druzhinin/Ria Novosti/Kremlin Pool
Obama expels diplomats
At the end of December, the Obama administration expels 35 Russian diplomats and shuts down two Russian intelligence compounds as the Kremlin continues to deny having a role in the summer's cyberattacks. President Putin eschews direct retaliation, saying he will wait to see how President-elect Trump's Russia policies play out.
Image: picture-alliance/AP Photo/P. M. Monsivais
7 images1 | 7
Russian hackers were also thought to have obtained emails from the campaign of French presidential candidate Emmanuel Macron, which were leaked just before the French election in early May of 2017.
