France’s counterespionage agency is investigating a suspected cyberattack plot targeting an international passenger ferry, authorities said Wednesday.
A Latvian crew member is in custody facing charges of having acted for an unidentified foreign power, French officials said. But Interior Minister Laurent Nunez appeared to hint that Russia is suspected, saying: “At the moment, foreign interference very often comes from same country.”
France and other European allies of Ukraine allege that Russia is waging “hybrid warfare” against them, using sabotage, assassinations, cyberattacks, disinformation and other hostile acts that are often hard to quickly trace back to Moscow.
Intelligence shared by Italian authorities tipped off the General Directorate of Internal Security — France’s special counterespionage and counterterror intelligence service — that software sometimes used by cybercriminals may have infected computer systems aboard a ferry docked in the French Mediterranean port of Sète, the Paris prosecutor’s office said.
The so-called RAT software — which allows users to control computer systems remotely — could have been used to take control of the ferry’s computers, the prosecutor’s office said. Its statement did not name the ferry.
Nunez told public broadcaster France Info that “individuals tried to gain access to a ship’s data-processing system.” He described it as “a very serious affair.” Asked if the suspected intention was to hijack the vessel, he said: “We don’t know.”
He added: “The investigators appear to be following a trail of interference … foreign interference.”
Police on Friday arrested two of the ferry’s crew members — one Latvian, the other Bulgarian — who Italian authorities had identified as suspects, the prosecutor’s office said. The Bulgarian was subsequently released without charge after questioning.
The Latvian national is being held on a preliminary criminal conspiracy charge and two preliminary charges of hacking-related offenses with the goal of serving the interests of an unnamed foreign power, the prosecutor’s office said.
It said search raids were also carried out in Latvia. Latvian state police said they had no comment.
The ferry is now back in operation after being held in port for security checks to its computer system, the prosecutor’s office said.
Related: New ‘Broadside’ Botnet Poses Risk to Shipping Companies
Related: France Blames Russia for Cyberattacks on Dozen Entities
Related: Data Stolen in Eurofiber France Hack
