Cybersécurité dans l'espace: comment Thales relève les défis à venir
On 8 November 2022, the telecommunications company Orange informed its Spanish customers that one of its suppliers had suffered a cyber security breach. One of the affected subcontractors is believed to be a debt collection service and has had data exfiltrated about some of the company's buyers. Although the number of customers affected is unknown at this time, all affected customers have reportedly been notified of the leak via email or SMS. The data stolen from the subcontractor is said to contain the full name, postal address, telephone number, email, DNI/NIE numbers, delivery date, nationality and IBAN code of the current account of some buyers. Read more about it : here
On 22 November 2022, the pro-Russian hacktivist group KillNet announced that it had launched a series of DDoS attacks against several official websites in Britain. The sites affected were: the Royal Family website, the London Stock Exchange website, the BacsUK website and the British Army website. During the attack, all sites were accessible from the US, but the British Army site appeared to be under maintenance. Read more about it : here
One of the spokesmen for the pro-Ukraine hacktivist group TeamOneFist claimed responsibility for a major attack on the Russian satellite network "Gonets" during the "Pleiades" cyberoperation. The attack would have disabled the satellite network. He claims to have penetrated the CRM/customer database, which is referenced by the network in order to send/receive messages. Having failed to download the database, which was under heavy surveillance, the group decided to destroy it without being detected. From this data, the group discovered that the Gonets network was used by 97 organizations to transmit sensitive data, including fishing companies, energy companies and the FSB. Read more about it : here
On 6 November 2022, the pro-Russian hacktivist group KillNet launched a campaign of DDoS attacks on the websites of the intelligence services and state committees of several Baltic states. The targets include Estonia, Poland, Romania, Bulgaria and Moldova. KillNet claims responsibility for these attacks, considering the Baltic states as rotten states. As the targeted sites are the platforms of several entities of possible intelligence interest, it is likely that this prevented some services from working during the time of the attack. During this time, the impact was likely to be significant for those affected services, which may not have been able to connect to the platforms. Read more about it : here
On 16 October 2022, the website of the Bulgarian presidency as well as the websites of the Ministry of Defence, the Ministry of the Interior, the Ministry of Justice and the Constitutional Court were hit by a DDoS attack originating from Russia and more specifically from the city of Magnitogorsk. Bulgarian Prosecutor General Ivan Geshev called the attack a "serious problem" and an "attack on the Bulgarian state". Following this, in a statement from the Russian KillNet-affiliated hacktivist group "Anonymous russia", the Russian hacker KillMilk said that the attacks were carried out under his supervision against "the corrupt state of Bulgaria". Read more about it : here
The pro-Russian hacktivist groups "We are Clowns" and "Phoenix" have jointly stated in a statement that they will target the Russian region of Dagestan in future attacks. The reason for these attacks is that Dagestan is contesting the war in Ukraine and if the government cannot stop it, they will. The threats made by pro-Russian hacktivists against parts of their own country are evidence of the disorganization of some cyber groups and the possible laissez-faire attitude of the Russian government towards the repression of dissent in Russia itself. Read more about it : here
On 3 November 2022, the computer systems of the Office Hydraulique de Corse were hit by a ransomware attack. All network and computer systems were blocked and a ransom was demanded without the amount being communicated to the public. According to the office's press release, 33 servers were affected by this attack. No details on the group behind the attack have been released yet. The impact of this attack is potentially severe. Indeed, if these computer systems are completely locked, it is likely that some of the water services management systems will be difficult to use or even unusable, forcing the management teams to work in a degraded manner. Read more about it : here
According to the media outlet Ransomwaremap, the cybercriminal group LockBit 3.0 claimed responsibility for a ransomware attack against the Czech security and weapons production company "DSS" on 16 September. The company has until 23 September to pay the ransom and recover 200 gigabytes of stolen data. According to LockBit, the data contains arms contracts and customer data of DSS. Read more about it : here
According to a press release dated 16 October 2022 from the French community of communes "Entre Bièvre et Rhône", the network called "Ecume" used to link the media libraries together suffered a cyber attack on Thursday 13 October. As a result, the network will be unavailable for an indefinite period of time, preventing access to all the services normally provided. Read more about it : here
A new group of pro-Russian hacktivists emerged via an attack claim on 5 October 2022. The group calls itself "We are Clowns" and claims to have launched a DDoS attack against the website of the Human Rights Centre in Slovakia. The group also stated the duration of the attack when it was carried out, namely two hours. The creation of this group and its attack on a Slovakian site is part of a new campaign by various Russian groups targeting countries supporting Ukraine's membership of NATO. Read more about it : here