France’s national cybersecurity agency says it has discovered a hack of several organisations that bore similarities to other attacks by a group linked to Russian intelligence.
The report, entitled “Sandworm Intrusion Set Campaign Targeting Centreon Systems”, was released on Monday and gave technical details about how the hackers gained access to the Centreon servers.
Speaking on Monday it said the hackers had taken advantage of a vulnerability in monitoring software sold by French group Centreon, which lists blue-chip French companies as clients, such as power group EDF, defence group Thales, or oil and gas giant Total.
The French ministry of justice and city authorities such as Bordeaux are also named as Centreon customers on the group’s website.
This long period of time suggested attackers who were “extremely discreet, probably with the aim of stealing information or spying,” Billois said, adding that it would take time to see the full scale of the attack.
US intelligence and law enforcement agencies have said that Russia was probably behind a massive hack recently discovered against US firm SolarWinds, which sells software widely found in government and private sector computers.