In its annual report, ANSSI, the agency in charge of cyber surveillance of administrations, notes a return of Russian intelligence hackers. Espionage remains “the threat that most involved the teams” of ANSSI.
2023, more worrying than 2022. ANSSI, the French state's cyber sentinel, revealed this February 27 its annual overview of the cyber threat. If Russia's invasion of Ukraine mobilized most of the Kremlin's forces that year, intelligence hackers have again targeted Europe and France recently.
Advertisement
“ State actors affiliated with Russia are back more than ever. Infiltration of critical infrastructures has been noted, without any specific actions behind it. », Declares Vincent Strubel, Director General of ANSSI. “ They act like spies, they do nothing except check that they are still installed. They are waiting to hit D-Day, where they will be given instructions. This can be with wipers (malware to destroy data), or even physical destruction by playing with the settings of an infrastructure. These are things we saw in Ukraine. »
“Increasing targeting of think tanks and research institutes”
In general, cyber experts warn about espionage, “ the threat that once again most involved the ANSSI teams “, we can read in the report. “ This constant reflects the human, financial and technical resources implemented by state and private actors to collect strategic, industrial or personal information on French networks. The year was notably marked by an increase in attacks carried out using methods publicly associated with the Russian government against organizations located in France.. »
In addition to administrations and sensitive industries, ANSSI notes this year “ an increasing targeting of think tanks, research institutes and companies in the defense industrial and technological base (DTIB). Attackers target organizations working in strategic areas or those they consider close to the French state. These attacks are not limited to metropolitan territory: in 2023, ANSSI dealt with the compromise of an information system located in an overseas territory using an attack procedure publicly associated with China “.
An increase in cybercriminal cyberattacks
The war between Russia and Ukraine has created some turmoil in the world of cybercrime, dividing many criminals, of Russian origin, but also often of Ukrainian nationality. Ransomware gangs restructured in 2023 and restarted the machine.
Advertisement
In its report, the agency notes that “ the total number of ransomware attacks brought to the attention of ANSSI is 30% higher than that observed over the same period in 2022. This upsurge, also noted by the anti-cybercrime section of the Paris prosecutor's office, breaks with the decrease in the number of ransomware attacks observed by the agency in its previous Cyber Threat Overview. »
SMEs and local authorities still represent almost a third of the targets.
The director general of ANSSI nevertheless wants to be optimistic for the future and the future Olympic Games, a major cybersecurity issue. “ We are preparing intensively, state bodies, all partners involved are going through critical exercises », affirms Vincent Strubel.
It is also impossible not to mention the recent operation by law enforcement against the most feared group of cybercriminals, Lockbit. “ They make it possible to reduce the pressure, we know that many of those responsible are still at large, but tackling their infrastructure allows them to breathe, while they get back on track. », recognizes the general director. Will we (finally) spend 2024 sheltered from Lockbit?