The French cybersecurity company warned that an assault much like one utilized by Russian navy hackers has been penetrating firms that use Centreon software program for 3 years.

The assault began in late 2017 and continued into 2020, watchdog ANSSI stated in a report. Centreon sells its network-monitoring software program to clients together with Thales SA and Orange SA, although ANSSI didn’t determine firms which will have been uncovered within the hack.

“This marketing campaign bears a number of similarities with earlier campaigns attributed to the intrusion set named Sandworm,” ANSSI stated, referring to the Russian cyber-espionage group. It found the presence of a “backdoor” vulnerability on a number of Centreon servers.

Learn extra: After big hack of US government, Biden enlists ‘world class’ cybersecurity team

A consultant for Centreon didn’t instantly reply to a request for remark. Thales stated it was investigating the matter and declined to remark additional. Orange didn’t have a direct remark.

Sandworm is the nickname cybersecurity researchers have given a group of hackers working with Russia’s navy intelligence directorate, the GRU. The US authorities has accused the group, in any other case referred to as Unit 74455, of perpetrating a variety of large-scale hacks lately.

Between 2015 and 2018, Sandworm attacked Ukraine’s energy grid, focused chemical weapons inspectors within the UK, and hacked French President Emmanuel Macron’s political social gathering, in line with the US Justice Division. US authorities have additionally blamed the group for NotPetya, a collection of malware assaults that in 2017 affected firms and organizations in additional than 60 international locations, inflicting billions of {dollars} of injury and affecting the operations of hospitals and different medical amenities, in addition to a few of the world’s largest firms.

Additionally learn: PM Modi, Sundar Pichai discuss data security, cyber safety ahead of Google for India event

France’s unveiling of the hack additionally comes after the sprawling cyberattack on the US authorities and personal sector by suspected Russian hackers final yr. They’re thought to have implanted malicious code into common software program from Texas-based SolarWinds Corp. that affected as many as 18,000 clients.

Source link


Please enter your comment!
Please enter your name here