Tag Archive for: French

French state services hit by ‘intense’ cyber attack

/in


PARIS – Cyber attacks of “unprecedented intensity” have targeted several French government institutions just months before the Paris Olympics but have been contained, the prime minister’s office said on March 11.

The latest cyber attack to hit France follows a warning from Prime Minister Gabriel Attal’s defence adviser just last week that the Olympics games in July and European Parliament elections in June could be “significant targets”.

Mr Attal’s office said several state bodies were targeted, but did not provide details.

“Many ministerial services were targeted” from March 10 “using familiar technical means but of unprecedented intensity”, Mr Attal’s office said.

A security source told AFP that the attacks “are not currently attributable to Russia”, an obvious suspect for many given Paris’ support for Kyiv since the invasion of Ukraine.

Mr Attal’s staff added that a “crisis cell has been activated to deploy countermeasures”, meaning “the impact of these attacks has been reduced for most services and access to state websites restored”.

Specialist services including information security agency ANSSI were “implementing filtering measures until the attacks are over”.

Several hacker groups claimed responsibility for the attacks on messaging app Telegram, including one calling itself Anonymous Sudan, which said it had launched a distributed denial of service (DDoS) attack on French government network infrastructure.

“We have conducted a massive cyber attack… the damage will be widespread,” the group, which posts with an avatar of a hooded Guy Fawkes mask in front of a desert scene with pyramids, said in a Telegram post.

Guy Fawkes is famous for his 1605 plot to blow up Britain’s Parliament, and his image has become a widespread symbol for revolutionary protest.

“A lot of different digital government sectors have been affected, including very important websites, with their respective subdomains,” it said.

Anonymous Sudan is a known outfit that has carried out attacks in the past year against websites in countries, including Sweden, Denmark and Israel.

Purportedly based in Sudan, it says it targets what it deems to be…

Source…

French Supreme Court rejects EncroChat verdict after lawyers question secrecy over hacking operation

/in


France’s Supreme Court has referred a criminal case that relies on evidence from the hacked EncroChat encrypted phone network back to the court of appeal after finding that prosecutors failed to disclose sufficient information about the hacking operation.

The Cour de Cassation in Paris found that French investigators and prosecutors had failed to supply a certificate to authenticate intercepted phone data and messages obtained from EncroChat phones as required by French law. There was also an absence of technical data about the hacking operation, the court found.

French police and prosecutors refused to disclose how a joint Dutch and French operation to hack EncroChat, which led to thousands of arrests of suspected organised criminals around the world, was undertaken – citing defence secrecy.

Defence lawyer Robin Binsard, co-founder of law firm Binsard Martine, which took the case to the Supreme Court, said last night that the case would be re-heard by the court of appeal to determine whether adequate legal guarantees were in place.

“The Supreme Court stated that, in the absence of a certificate of truthfulness, the evidence covered by defence secrecy could not be legal. The case will be sent to another court to see if the certificate exists. In the meantime, there is no guarantee of validity of evidence from EncroChat,” he wrote on Twitter.

“The Supreme Court stated that in the absence of a certificate of truthfulness, the evidence covered by defence secrecy could not be legal. The case will be sent to another court to see if the certificate exists. In the meantime, there is no guarantee of validity of evidence from EncroChat”

Robin Binsard, Binsard Martine

The hearing follows an operation by French cyber experts to harvest 120 million messages from EncroChat phone users in multiple countries, in a novel interception operation that provided a rich source of intelligence and evidence on the activities of criminal groups in 2020.

In the UK, the National Crime Agency (NCA), working with regional organised crime units, the Metropolitan Police and other law enforcement agencies, made more than 2,600 EncroChat-related arrests using the French data by…

Source…

Paralysed French hospital fights cyber attack as hackers lower ransom

/in


Issued on: Modified:

A hospital southeast of Paris has been crippled by an ongoing cyberattack, drastically reducing the number of patients who can be admitted and forcing a return to pre-digital workflows. Security experts are trying to retake control of the computer system as ransom negotiations continue.

The GIGN elite tactical force of the French gendarmerie is involved in negotiating with the hackers who targetted the Corbeille-Essonnes hospital 10 days ago.

The attack has blocked access to all medical imaging storage and patient admissions systems.

GIGN negotiators, who usually work on counter-terrorism and hostage release operations, have been communicating with the attackers via the Protonmail secure email service.

According to the Parisien newspaper, they have managed to talk down the ransom from $10 million to $1 million.

France won’t pay

Even if the ransom has been negotiated down, the hospital will not pay.

“Even if they ask for 150,000 euros, we will not pay. That is the rule that has been established,” the president of the board of the hospital, Medhy Zeghouf, told Le Parisien.

But the negotiations buy time for investigators who are trying to locate the attackers and regain access to the data.

The attack appears to be the work of the Lockbit group of Russian-speaking hackers, who have been behind several similar cyber attacks elsewhere in the world, notably in the United States, where private clinics are more likely to pay ransoms than hospitals in France.

Back to analogue

The hospital, meanwhile, continues to function, but at half capacity. Some 500 patients, including 13 children, have been transferred to other institutions.

Those patients left are being treated by doctors forced to communicate with pre-digital tools.

As digital security experts work to create a secure digital bubble around the hospital, staff have been prohibited from plugging in their computers.

Those most affected are the imaging services and the blood work laboratory, which have had to resort to burning data onto DVDs to share…

Source…

Paralysed French hospital fights cyber attack as hackers lower ransom demand

/in


Issued on:

A hospital southeast of Paris has been crippled by an ongoing cyberattack, drastically reducing the number of patients who can be admitted and forcing a return to pre-digital workflows. Security experts are trying to retake control of the computer system as ransom negotiations continue.

The GIGN elite tactical force of the French gendarmerie is involved in negotiating with the hackers who targetted the Corbeille-Essonnes hospital 10 days ago.

The attack has blocked access to all medical imaging storage and patient admissions systems.

GIGN negotiators, who usually work on counter-terrorism and hostage release operations, have been communicating with the attackers via the Protonmail secure email service.

According to the Parisien newspaper, they have managed to talk down the ransom from $10 million to $1 million.

France won’t pay

Even if the ransom has been negotiated down, the hospital will not pay.

“Even if they ask for 150,000 euros, we will not pay. That is the rule that has been established,” the president of the board of the hospital, Medhy Zeghouf, told Le Parisien.

But the negotiations buy time for investigators who are trying to locate the attackers and regain access to the data.

The attack appears to be the work of the Lockbit group of Russian-speaking hackers, who have been behind several similar cyber attacks elsewhere in the world, notably in the United States, where private clinics are more likely to pay ransoms than hospitals in France.

Back to analogue

The hospital, meanwhile, continues to function, but at half capacity. Some 500 patients, including 13 children, have been transferred to other institutions.

Those patients left are being treated by doctors forced to communicate with pre-digital tools.

As digital security experts work to create a secure digital bubble around the hospital, staff have been prohibited from plugging in their computers.

Those most affected are the imaging services and the blood work laboratory, which have had to resort to burning data onto DVDs to share information.

And it takes five times as…

Source…