It’s almost terrifying as usual: very often a city, an administrative service or a French departmental council is the victim of a cyber attack.
Often linked to Russian or pro-Russian groups, these cyberattacks have become much more frequent in the last year. On November 8, the administrative services of Seine-et-Marne suffered a “large-scale” cyberattack. In October, the cities of Chaville (Hauts-de-Seine) and Brunoy (Essonne) who paid the price. At the end of September, the city of Caen (Calvados) was paralyzed by an attack on the municipal servers. And this Tuesday, November 22, it was the Guadeloupe region that experienced a “large-scale” cyberattack, which forced the closure of all computer networks. While a diagnosis is being made, the attack has not yet been claimed but adds to the long list of local institutions that have suffered the same fate.
prolific bands
While French businesses are facing a cyberattack rate that has skyrocketed since 2021, it is now France’s cities that must protect themselves against malicious digital acts. Various actors regularly return to the front of the stage, including most of the groups that claim to be pro-Russian, such as LockBit, Cuba Ransomware or Killnet.
Particularly prolific, the Lockbit group – after the name of the ransomware it uses – has carried out a series of attacks in recent months, most of them targeting French companies. For example, he was behind the attack on the Corbeil-Essonnes hospital, which occurred at the end of September.
On November 15, a man suspected of being a member of the Lockbit group was arrested in Ontario, Canada. With AFP, the Paris prosecutor’s office lists at least 115 the number of its attacks against French victims and 2000 in the world.
Lockbit is among the most active ransomware groups. The criminals behind the ransomware “rent” their service to hackers defined as “affiliates”, that is, they work under the name Lockbit and carry out the attacks themselves.
The group is often described as pro-Russian, with no official confirmation having been made. as the newspaper says The world, the software used by Lockbit is designed in such a way that it will not affect computers located in Russia or Russian-speaking territory. In addition, he was active in a popular Russian-language chat group in the cyber attack community, the newspaper said.
retaliatory attacks
For its part, the Killnet group is behind the closure of Emmanuel Macron’s campaign site on the occasion of the presidential elections, wanting in particular to “denounce France’s support for Ukraine”.
The group is particularly illustrated in the so-called “DDoS” attacks, for denial of service, which consist of obstructing a network with millions of automated users so that it works badly. Killnet primarily targets government institutions, claiming the attacks as “revenge” in response to attacks against Russia. For example, the group claimed responsibility for a cyber attack on Lithuanian network infrastructure, saying it was in retaliation for stopping the transit of goods to the Russian territory of Kaliningrad.
If the most active groups tend to identify themselves as Russian or pro-Russian, in addition to the various clues that suggest so, it is because the country has stood out in recent years as particularly fertile ground in the midst of cyberattacks. This is what had raised fears of a “cyber war” at the dawn of the invasion of Ukraine, which led the country to equip itself with a digital army to counter possible attacks.
The fear of a harsh winter
Today, the threat is such that Guillaume Poupard, director of the National Agency for the Security of Information Systems, fears a particularly painful winter for French digital technology, he said in an interview published on November 18 with Daily the Parisian. At issue, the seasonal solicitation of French energy systems, which may be vulnerable to foreign attacks.
But why do these groups attack town halls, hospitals or departmental councils? For Guillaume Poupard, the answer is vague. “Explaining why we lose a county council per week, I could not do it because they are victims who do not pay a ransom. They are whites who now know that they are fragile,” the director told the newspaper.
One of the main paths lies in the destabilization of national security systems. However, these attacks, on the contrary, stimulate a strengthening of the security systems established by France, and even by the international community. The government has just granted, for example, an endowment of 30 million euros to SMEs and communities so that they can arm themselves effectively against these attacks.
Source: BFM TV
