(Reuters) – Hackers have spent up to three years hacking into groups by targeting surveillance software made by French company Centreon, the French cybersecurity watchdog said Monday.
The watchdog, with the French acronym ANSSI, stopped recognizing the hackers but said they had a similar modus operandi to the Russian cyberespionage group often referred to as “Sandworm. ”
ANSSI, Centreon, and the Russian embassy in Paris did not immediately return messages seeking comment.
The focus of Centreon, a Paris-based company that specializes in information technology, highlights the attractiveness of such companies to digital spies.
Cybersecurity officials in the United States are still trying to get their hands around an ambitious spying campaign that removed IT monitoring software made by the company SolarWinds in Austin, Texas. American officials, who have blamed Moscow for the investigation, have said other companies have also been hit in similar ways.
Earlier this month Reuters reported that suspected Chinese spies were also targeting SolarWinds customers, using a different and less serious beast to help spread it over. on their victims ’networks.
The first vector was unaware of a breakthrough campaign targeting Centreon software, ANSSI said in a 40-page report posted on its website. They said they got into a breach going back to the end of 2017 and stretching into 2020.
The watchdog did not identify the names or number of victims involved but said they were IT services companies as internet hosting providers.
Reciting with Raphael Satter; edited by Grant McCool