At least 31 “commitments” Information systems affecting actors in the water sector in France have been dealt with by the National Information Systems Security Agency (Anssi) since 2021, reveals a report to be published on Thursday, November 28. In this twenty-page study, the authority details the risks that weigh on water management in France (collection, storage, distribution and even sanitation of wastewater) in terms of cybersecurity.
This threat status is based on foreign examples. Starting with Ukraine, where Sandworm, an elite unit of the Russian military intelligence services (GRU), has specialized for several years in computer attacks aimed at sabotaging critical physical infrastructures. In March 2024, this group would have aimed, Anssi recalls, “about twenty Ukrainian companies specialized in the supply of energy, water and heating”with the aim of sabotaging your industrial control software.
A mainly evil threat
No incident of this magnitude has yet been detected in France. “Anssi is not aware of any important commitment from an entity in the sector” in the territory, explains the agency Worldalthough he emphasizes that his analysis is based solely on incidents that have been reported to him or on public reports. Anssi notes, however, that French sanitation and water supply infrastructure can be managed by a variety of actors, expanding the attack surface and posing security challenges. Additionally, facilities are often connected to allow remote management and limit workforce movement and may therefore be vulnerable.
In France, to date, the threat is primarily criminal rather than state. Thus, since 2021, eight attacks carried out with ransomware have been identified, Anssi reports. Among the victims: an entity belonging to Veolia, a water union from an overseas department or the Joint Departmental Union of Water and Sanitation of Ariège.
During the month of April 2024, a French municipality was a victim of Babuk, ransomware linked to the Russian hacker Mikhail Matveev (known by the pseudonym “Wazawaka” and specialized in computer intrusion). “If water distribution was still possible, its billing as well as the management of its production, that is, the supervision of distribution and remote intervention, were ineffective”Anssi summarizes, adding that, however, the move to degraded operation guaranteed “continuity of service”.
You have 40.52% of this article left to read. The rest is reserved for subscribers.
