French gov't gives more details of hack: 150 PCs compromised
IDG News Service - The French National IT Systems Security Agency released further details of the recent attack on French government computers, saying they were targeted by cyberspies.
Around 150 IT staff spent the weekend on a massive cleanup operation to undo the effects of the attack on computers at the French Ministry of Economy, Finances and Industry, the security agency's director-general said Monday night.
The attack compromised around 150 of the ministry's 170,000 PCs, agency director-general Patrick Pailloux said at a press conference.
The attack began with a wave of e-mail messages with malware-laden attachments that exploited then-unknown or unprotected flaws in the software running on the ministry's PCs. The messages were addressed to ministry staff of all levels, and purported to come from colleagues or regular correspondents elsewhere, while the attachments appeared to relate to their work, Pailloux said.
When the attachments were opened, they installed Trojan horse software on the PCs. Under the control of the unidentified attackers, that software was then used to compromise other PCs, to send data out of the ministry hidden in other Internet traffic, and finally to cover up its activities.
The attackers had access to mailboxes and servers over the course of several weeks. It took the agency until last week to figure out what the Trojan horse was doing, and just how far it had spread, Pailloux said.
While attacks on other French government computers were made during this time, none of them appeared to have succeeded, he said.
The technical level and coordination of the attacks on the Finance Ministry show that the hackers were determined and organized professionals, he said.
After disconnecting the ministry from the Internet, it took 150 IT staff all weekend to clean up and strengthen security systems before bringing the Internet connection back up on Monday morning, Pailloux said.
Pailloux declined to comment on who might be behind the attack, although he did acknowledge that it resembled an attack on Canadian government IT systems last month. That attack was initially blamed on the Chinese, an accusation the Chinese swiftly denied.
French Budget Minister François Baroin said this latest attack was probably from outside France: "We have some leads, but at this stage it's impossible to confirm them," he said in a radio interview Monday morning.
There is no sign that personal tax files were targeted, Baroin said, something later confirmed by the security agency.
"What was targeted, it seems, was the organization of the G20 as, so it seems, happened during the organization of the previous G20," Baroin said.
The G20, or Group of 20, meetings brings together the finance ministers and central bank governors of 19 countries and the European Union. In addition to the E.U., the G20 members are Argentina, Australia, Brazil, Canada, China, France, Germany, India, Indonesia, Italy, Japan, Mexico, Russia, Saudi Arabia, South Africa, South Korea, Turkey, the U.K. and the U.S.
- 20 Best iPhone/iPad Games of 2013
- Google Chromebook Buyer's Guide
- 10 Signs You're Probably a Techie
- 8 Things Kindle Fire HDX Does That iPad Air Can't
- Slideshow: 5 ways to lock down your mobile device
- Slideshow: 10 mistakes companies make after a data breach
- How to rob a bank: A social engineering walk through
- Which smartphone is the most secure?
Not that Sarah Connor, you fool.
Google (NASDAQ:GOOG) is on a robot buying spree. And nobody knows why. Amid worries of Skynet, there's also talk of elder care and nuclear cleanup. Whatever the company's plans, we'd better get used to this new reality. In IT Blogwatch, bloggers speculate to acclimate.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Bring Networks and Applications Closer--Cisco ONE
- A series of sweeping trends is placing new requirements on the tried-and-true network model--requiring network infrastructure and applications to communicate. Get the open...
- Lippis Research Reviews the Cisco Catalyst 2960-X
- In this Lippis Report Research Note, Lippis Research reviews the latest edition of the "most popular access switch on the planet" -- the...
- Design Guide--Scaling Up to a Campus-Wide LAN
- Is it time to scale your network environment to a campus wired LAN? Here's the framework you need to set up your LAN...
- Comprehensive Security: Cisco Catalyst 2960 Series
- With a rich and comprehensive set of security features, Cisco Catalyst 2960-X and 2960-XR Series Switches can help you address networking megatrends such...
- Be Energy Efficient--The Cisco Catalyst 2960 Series
- How much energy could be saved if all 230 million Layer 2 and 3 fixed managed switch ports sold in 2012 were as... All Government IT White Papers
- How SIEM Addresses the Challenges of Big Security Data This webcast will help you understand today's big data security challenges and how intelligent and scalable SIEM solutions give IT the tools and...
- BlackBerry Enterprise Service 10 In Action Designed for business leaders, IT decision-makers and IT administrators, this webcast features organizations that have migrated to BlackBerry® Enterprise Service 10 - or...
- BlackBerry Enterprise Service 10 Implementation Solutions - BlackBerry Technical Services to Make your Deployment Fast, Effective and Robust Find out how BlackBerry® implementation and migration services can help you optimize your Enterprise Mobility Management infrastructure and ease your transition to BlackBerry®...
- BlackBerry Enterprise Server 5 to BlackBerry Enterprise Service 10 - Lifting The Hood This webcast takes a close look at the differences between BlackBerry Enterprise® Service 10 and BlackBerry® Enterprise Server 5. Learn how BlackBerry Enterprise...
- BlackBerry 10 Tips and Tricks from the Pros Find out how advanced users do more, faster, with their BlackBerry® 10 devices - with tips and tricks on using the swipe and...
- All Government IT Webcasts
Does your organization offer extensive benefits, cool perks, competitive salaries, opportunities for training and advancement? Then get it recognized!
Nominate your company or another deserving organization for Computerworld's 2014 Best Places to Work in IT list now through Dec. 20, 2013.