In 2023, France’s National Cybersecurity Agency (ANSSI) reported a significant increase in cyber espionage campaigns targeting strategic organizations [3], with a focus on individuals and non-governmental structures handling sensitive data [3].
Description
The primary targets included organizations associated with the French government [3], such as technology and defense contractors [3], research institutes [1] [3] [4], and think tanks [1] [2] [3] [4]. ANSSI recorded 3703 cyber events in 2023 [3], including 1112 cyber incidents [3], with ransomware attacks seeing a 30% increase compared to 2022. Small and medium enterprises and mid-sized businesses were the most targeted [3]. Attackers are exploiting vulnerabilities in software supply chains [3], with the top five vulnerabilities being in VMWare [3], Cisco [3], Citrix [3], Atlassian [3], and Progress Software products [3], including the Citrix Bleed and MOVEit vulnerabilities [3]. The level of cyber threats in France is on the rise [1], with attackers mainly originating from China and Russia [1]. Attempts at destabilization [1], including online content disruption and tarnishing an organization’s image for political purposes [1], have also increased [1] [2] [4]. While these attacks are often carried out by amateur groups from China and Russia [1], more dangerous attacks involving foreign powers infiltrating sensitive information systems have been observed [1]. The ANSSI has implemented measures to enhance cybersecurity for the upcoming Paris 2024 Olympics and Paralympics [1], as these events may present additional opportunities for cyber attackers [1]. ANSSI has observed a rise in cyber threats [4], including espionage [4], extortion [1] [4], destabilization [1] [4], and sabotage [4]. The agency reports an increasing targeting of think tanks [4], research institutes [1] [3] [4], and personal or professional mobile phones for espionage purposes [4]. Additionally, ransomware attacks for financial gain have increased by 30% following a decline in 2022 [4], according to ANSSI data [4]. The ANSSI director [2], Vincent Strubel [2], notes a 30% rise in cyber incidents from 2022 to 2023 [2], with a variety of targeted activities in defense [2], diplomacy [2], and commercial espionage [2]. Russian-linked groups have re-emerged in cyber espionage [2], expanding their targets to include sensitive administrations and organizations [2]. The ANSSI is also wary of state-sponsored sabotage on critical infrastructure by aggressive Russian groups [2], with fears of potential physical infrastructure destruction [2]. The agency is preparing for potential cyber threats during the upcoming Olympic Games in France [2], emphasizing the need for enhanced cybersecurity measures and rapid response to vulnerabilities [2]. Additionally, ransomware attacks have increased in 2023 [1] [2], with a shift in tactics and a rise in infostealer attacks targeting browser data to access cloud services [2]. The ANSSI highlights the importance of cybersecurity hygiene [2], urging prompt security patching to prevent exploitation by cybercriminals targeting a wide range of organizations [2].
Conclusion
The rise in cyber threats targeting strategic organizations in France poses significant risks, with impacts on national security and economic stability. ANSSI’s efforts to enhance cybersecurity measures and prepare for potential threats during major events like the Paris 2024 Olympics are crucial in mitigating these risks. Continued vigilance, prompt response to vulnerabilities [2], and collaboration with international partners are essential in safeguarding sensitive information systems from cyber attacks in the future.
References
[1] https://www.la-croix.com/france/cyberattaques-la-menace-en-pleine-expansion-en-france-en-2023-20240227
[2] https://www.lemondeinformatique.fr/actualites/lire-l-anssi-s-inquiete-du-risque-de-cyber-sabotage-de-groupes-lies-a-la-russie-93075.html
[3] https://www.infosecurity-magazine.com/news/cyber-espionage-france-2024/
[4] https://www.aefinfo.fr/depeche/708116-espionnage-rancons-destabilisation-l-anssi-note-une-augmentation-de-la-menace-dans-toutes-ses-composantes-en-2023
