Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

French Firm Centreon Denies ‘Damaging’ Hacking Claims

A major French software firm allegedly targeted by Russian hackers denied Tuesday that its major clients could have been affected by the attack.

A major French software firm allegedly targeted by Russian hackers denied Tuesday that its major clients could have been affected by the attack.

Centreon, which lists blue-chip French firms from Airbus to Total among its users, was named in a report by the French national cybersecurity agency ANSSI late Monday.

The agency said Centreon software had been hacked from 2017-2020 by a group using similar methods to the so-called Sandworm network linked to Russian military intelligence.

But Centreon said Tuesday that only an old version of its software dating from before 2015, used by open-source developers, had been infiltrated.

“Commercial users are not affected,” a spokesperson for the group told AFP. “For users of open-source versions, they should check that the version of the software is after 2015.” 

Supply Chain Security Summit

The spokesperson said the company regretted the “extremely damaging” allegations from ANSSI, adding that it would be seeking “clarifications” from the agency. 

The announcement by ANSSI raised alarm that major French firms as well as public sector users of Centreon software might have been compromised.

The Kremlin, which has been accused repeatedly of being responsible for attacks on Western targets, also denied Tuesday that Russian hackers were behind any attack on Centreon.

Advertisement. Scroll to continue reading.

“Russia has never had, currently does not have and could never have any involvement in cybercrime,” Kremlin spokesman Dmitry Peskov told reporters, saying it was “absurd” to pin responsibility on Moscow.

US intelligence and law enforcement agencies have said that Russia was probably behind a massive hack recently discovered against US firm SolarWinds, which sells software widely found in government and private sector computers.

The State Department, Commerce Department, Treasury, Homeland Security Department, Defense Department, and the National Institutes of Health have since admitted that they were compromised. 

Centreon estimated that there were about 200,000 computers using open-source software based on its products.

The group has 720 commercial clients which include EDF, Total, Bosch, Atos and the justice ministry — none of which commented when contacted by AFP on Tuesday.

No criminal investigation has been opened by French prosecutors so far.

RelatedSandworm Hackers Hit French Monitoring Software Vendor Centreon

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.