Hacker attack, because this time France has indicated those responsible

27 July 20213 years ago babelfish

Generally, the French National Information Systems Security Agency (Anssi) is careful not to attribute the origin of hacker attacks. The article by Giuseppe Gagliano

The French National Information Systems Security Agency [ANSSI] has just sounded an alarm about a "vast compromise campaign affecting many French entities". This "particularly virulent" attack is "still ongoing" , and was allegedly conducted by the APT31 cyber hacker group.

“Investigations show that this modus operandi compromises routers to use them as anonymization relays, before carrying out reconnaissance and attack actions. Markers are thus provided, coming from routers compromised by the attacker, to allow compromises to be searched [from the beginning of the year 2021] and detected ", explains ANSSI, which asks to send" any incident discovered in relation to this campaign " .

However, according to cybersecurity firm FireEye , APT31's mission is "to gather information to provide political, economic and military benefits to state-owned enterprises and the Chinese government." Its targets are generally administrations, financial institutions and companies in the defense, aerospace and even telecommunications sectors.

Generally, ANSSI is careful not to attribute the origin of cyber attacks. Thus, last February, he reported on a "campaign of attack of the operating mode 'Sandworm' against Centreon servers", without however explicitly designating Russia, while the aforementioned group had already been accused by the United States.

In his latest advisory, he also does not blame China directly, but only the hacker group he has identified.

After the indictment, a technical act, comes the attribution, a political act that can vary according to the geopolitical situation or other interests, and that can be made public, as Americans do, or be denounced in private and remain secret . Sometimes I accompany political authorities in complicated countries to which they say: "We have discovered you up to now, what you are doing is unacceptable".

Choosing a non-public communication channel is probably the optimal efficiency that can be achieved, also recently explained Guillaume Poupard, director of ANSSI, during a parliamentary hearing .

The alert issued by the French cybersecurity agency comes after NATO denounced China's "harmful activities" in cyberspace and the United States, with the support of their partners in the so-called "Five Eyes" circle. , Australia, Canada, New Zealand].

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/mondo/attacco-hacker-perche-stavolta-la-francia-ha-indicato-i-responsabili/ on Mon, 26 Jul 2021 18:35:48 +0000.