Security Experts:

French Firm Centreon Denies 'Damaging' Hacking Claims

A major French software firm allegedly targeted by Russian hackers denied Tuesday that its major clients could have been affected by the attack.

Centreon, which lists blue-chip French firms from Airbus to Total among its users, was named in a report by the French national cybersecurity agency ANSSI late Monday.

The agency said Centreon software had been hacked from 2017-2020 by a group using similar methods to the so-called Sandworm network linked to Russian military intelligence.

But Centreon said Tuesday that only an old version of its software dating from before 2015, used by open-source developers, had been infiltrated.

"Commercial users are not affected," a spokesperson for the group told AFP. "For users of open-source versions, they should check that the version of the software is after 2015." 

Supply Chain Security Summit

The spokesperson said the company regretted the "extremely damaging" allegations from ANSSI, adding that it would be seeking "clarifications" from the agency. 

The announcement by ANSSI raised alarm that major French firms as well as public sector users of Centreon software might have been compromised.

The Kremlin, which has been accused repeatedly of being responsible for attacks on Western targets, also denied Tuesday that Russian hackers were behind any attack on Centreon.

"Russia has never had, currently does not have and could never have any involvement in cybercrime," Kremlin spokesman Dmitry Peskov told reporters, saying it was "absurd" to pin responsibility on Moscow.

US intelligence and law enforcement agencies have said that Russia was probably behind a massive hack recently discovered against US firm SolarWinds, which sells software widely found in government and private sector computers.

The State Department, Commerce Department, Treasury, Homeland Security Department, Defense Department, and the National Institutes of Health have since admitted that they were compromised. 

Centreon estimated that there were about 200,000 computers using open-source software based on its products.

The group has 720 commercial clients which include EDF, Total, Bosch, Atos and the justice ministry -- none of which commented when contacted by AFP on Tuesday.

No criminal investigation has been opened by French prosecutors so far.

RelatedSandworm Hackers Hit French Monitoring Software Vendor Centreon

view counter