French gov't gives more details of hack: 150 PCs compromised
IDG News Service - The French National IT Systems Security Agency released further details of the recent attack on French government computers, saying they were targeted by cyberspies.
Around 150 IT staff spent the weekend on a massive cleanup operation to undo the effects of the attack on computers at the French Ministry of Economy, Finances and Industry, the security agency's director-general said Monday night.
The attack compromised around 150 of the ministry's 170,000 PCs, agency director-general Patrick Pailloux said at a press conference.
The attack began with a wave of e-mail messages with malware-laden attachments that exploited then-unknown or unprotected flaws in the software running on the ministry's PCs. The messages were addressed to ministry staff of all levels, and purported to come from colleagues or regular correspondents elsewhere, while the attachments appeared to relate to their work, Pailloux said.
When the attachments were opened, they installed Trojan horse software on the PCs. Under the control of the unidentified attackers, that software was then used to compromise other PCs, to send data out of the ministry hidden in other Internet traffic, and finally to cover up its activities.
The attackers had access to mailboxes and servers over the course of several weeks. It took the agency until last week to figure out what the Trojan horse was doing, and just how far it had spread, Pailloux said.
While attacks on other French government computers were made during this time, none of them appeared to have succeeded, he said.
The technical level and coordination of the attacks on the Finance Ministry show that the hackers were determined and organized professionals, he said.
After disconnecting the ministry from the Internet, it took 150 IT staff all weekend to clean up and strengthen security systems before bringing the Internet connection back up on Monday morning, Pailloux said.
Pailloux declined to comment on who might be behind the attack, although he did acknowledge that it resembled an attack on Canadian government IT systems last month. That attack was initially blamed on the Chinese, an accusation the Chinese swiftly denied.
French Budget Minister François Baroin said this latest attack was probably from outside France: "We have some leads, but at this stage it's impossible to confirm them," he said in a radio interview Monday morning.
There is no sign that personal tax files were targeted, Baroin said, something later confirmed by the security agency.
"What was targeted, it seems, was the organization of the G20 as, so it seems, happened during the organization of the previous G20," Baroin said.
The G20, or Group of 20, meetings brings together the finance ministers and central bank governors of 19 countries and the European Union. In addition to the E.U., the G20 members are Argentina, Australia, Brazil, Canada, China, France, Germany, India, Indonesia, Italy, Japan, Mexico, Russia, Saudi Arabia, South Africa, South Korea, Turkey, the U.K. and the U.S.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
If you use ‘password,’ one the worst passwords, as your password, fail to keep antivirus protection updated and don’t bother to deploy security patches to close critical vulnerabilities, then maybe you should consider working for the cybersecurity-clueless federal government; you’d fit right in, according to Senator Tom Coburn's cybersecurity and critical infrastructure report.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
- This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Is Your Big Data Solution Production-Ready?
- Read "Is Your Big Data Solution Production-Ready?" now, and discover best practices and actionable steps to implementing a production-ready big data solution.
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses
- IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center
- IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results
- Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup... All Government IT White Papers
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,...
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of...
- All Government IT Webcasts