Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

French Firm Centreon Denies ‘Damaging’ Hacking Claims

A major French software firm allegedly targeted by Russian hackers denied Tuesday that its major clients could have been affected by the attack.

A major French software firm allegedly targeted by Russian hackers denied Tuesday that its major clients could have been affected by the attack.

Centreon, which lists blue-chip French firms from Airbus to Total among its users, was named in a report by the French national cybersecurity agency ANSSI late Monday.

The agency said Centreon software had been hacked from 2017-2020 by a group using similar methods to the so-called Sandworm network linked to Russian military intelligence.

But Centreon said Tuesday that only an old version of its software dating from before 2015, used by open-source developers, had been infiltrated.

“Commercial users are not affected,” a spokesperson for the group told AFP. “For users of open-source versions, they should check that the version of the software is after 2015.” 

Supply Chain Security Summit

The spokesperson said the company regretted the “extremely damaging” allegations from ANSSI, adding that it would be seeking “clarifications” from the agency. 

The announcement by ANSSI raised alarm that major French firms as well as public sector users of Centreon software might have been compromised.

The Kremlin, which has been accused repeatedly of being responsible for attacks on Western targets, also denied Tuesday that Russian hackers were behind any attack on Centreon.

“Russia has never had, currently does not have and could never have any involvement in cybercrime,” Kremlin spokesman Dmitry Peskov told reporters, saying it was “absurd” to pin responsibility on Moscow.

US intelligence and law enforcement agencies have said that Russia was probably behind a massive hack recently discovered against US firm SolarWinds, which sells software widely found in government and private sector computers.

The State Department, Commerce Department, Treasury, Homeland Security Department, Defense Department, and the National Institutes of Health have since admitted that they were compromised. 

Centreon estimated that there were about 200,000 computers using open-source software based on its products.

The group has 720 commercial clients which include EDF, Total, Bosch, Atos and the justice ministry — none of which commented when contacted by AFP on Tuesday.

No criminal investigation has been opened by French prosecutors so far.

RelatedSandworm Hackers Hit French Monitoring Software Vendor Centreon

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.