As often the intruders were already in the computer system for days and started their attack on weekends, when their victim can let their guard down.
“On the night of Friday to Saturday a cyberattack targeted the information system of the city of Angers and the metropolis,” explains the community on social networks to explain the closure of certain municipal services.
According to Ouest-France information, cybercriminals have “paralyzed municipal library services and all city hall sites, such as Angers.fr”. The city’s official website was still inaccessible late Monday afternoon. Just like that of the Conservatory, for example.
A “soft” target
“The diagnosis concluded with a ransomware-type attack which struck La Rochelle, Aix Marseille, Vincennes, ADEME … in the recent past”, assures the town hall.
“However, communities are not more hacked than other potential targets, but this can be seen immediately when a public service does not work, while a company can hide it for a while”, recalls Pascal Le Digol, director for France of WatchGuard , an American specialist in the protection of networks, in particular those of town halls and inter-municipal authorities.
“The recent mergers between communities with computer networks of different security level have on the other hand increased the attack surface just as teleworking has opened doors for attackers” analyzes the expert.
The thesis of an e-mail containing an infected file often holds the rope in this kind of hack scenario with encryption of the victim’s data.
No claim on the DarkWeb
Unlike the other affected cities, no group of hackers has, according to several specialists consulted, claimed responsibility for the attack and the exfiltration of data.
On the rise, ransomware attacks consist of infiltrating a computer system with an infected e-mail, taking control of it, siphoning documents and performing encryption from computers and servers which renders victims’ data unreadable. .
With a villainous objective: to extort a ransom from the victim to find his data.
As a local authority, Angers and its metropolis benefit from priority technical assistance from specialists from the National Information Systems Security Authority (ANSSI). They have already relaunched a restoration of servers based on backups which must be cleaned beforehand so as not to leave a door still open for hackers.
A process that will idle utilities for several hours and without connection or computer software.