France’s government web infrastructure was battered by an “unprecedented” wave of DDoS attacks yesterday forcing the convening of a special crisis centre.
The attacks could be a harbinger of what the country can expect as it prepares to welcome millions of visitors in an Olympics year – not to mention thousands of technologists to Kubecon next week.
Prime minister Gabriel Attal’s office said a wave of attacks of "unprecedented intensity" on multiple ministries started on Sunday and continued through Monday, severely impacting access to services, AFP reported.
By Monday, the impact had been blunted and access to government sites restored after the government’s Direction Interministérielle du Numérique (DINUM) swung into action.
A group called Anonymous Sudan claimed responsibility for the attacks, and rubbished DINUM’s efforts to repel them. Anonymous Sudan has previously attacked countries it believes are anti-Muslim.
However, it was widely speculated that Moscow had more than a hand in the latest assault, given France’s support for Ukraine, and President Macron’s recent ponderings about the possibility of NATO boots on the ground.
See also: Hyperscalers report record DDoS attacks
France signed a security cooperation agreement with Ukraine last month, which included agreements around cooperation on cybersecurity on protecting critical infrastructure. It included commitments to “raise the cost of the irresponsible use of cyber capabilities by the Russian Federation” and deepening Ukraine’s cyber cooperation with Nato. It also covered defence and military cooperation, including €3bn of military suppprt.
Last month, France’s cyber security agency, ANSSI, warned about a “steadily rising cyber threat level”, citing ongoing geopolitical tensions and “international events being held in France”.
It added that “While distributed denial-of-service (DDoS) attacks by pro-Russian hacktivists, often with limited impact, were the most common, pre-positioning activities targeting several critical infrastructures in Europe, North America and Asia were also detected.”
DDoS attacks might be considered rather old school, and mitigation techniques have come on in leaps and bounds. However, automation means they remain a low-tech but key weapon for governments or other groups simply looking to cause inconvenience, mayhem, or distraction.
DDoS attacks might be an immediate headache, but as ANSII warned the “prepositioning activities” can go unnoticed, while laying the groundwork for “larger-scale operations carried out by state actors waiting for the right moment to act”.
Last month, Cloudflare said that in Q4, it saw a 117 percent year on year increase in network layer DDoS attacks. The hardest hit was Taiwan, with a 3,370 percent spike in attacks ahead of a general election and ongoing tensions with China. France, was not top of anyone’s hit list, not making it into the top ten of any class of DDoS target countries according to Cloudflare.
That seems likely to change as millions of athletes, support staff, journalists and tourists descend on the country this year – all of them presumably relying on web-based infrastructure to check times, book travel and accommodation, file reports, and generally just get on with life. The race is on.