Hacker group threatens to leak data from France’s justice ministry

For now, it is still difficult to judge whether this could be a PR stunt carried out by the hackers ahead of the French presidential election, or a threat based on genuinely sensitive data.

Hackers from ransomware gang Lockbit 2.0 claimed to have hacked into the French justice ministry on Thursday (27 January). They said that if the ransom is not paid by 10 February, the stolen data will be published. EURACTIV France reports.

A total of 9,859 files are ready to be disseminated on 10 February, according to the hacker’s blog, which displays a countdown.

The justice ministry told the press that it “immediately organised to carry out the necessary checks in conjunction with the competent services in this area”. However, Acteurs publics journalist Emile Marzolf wrote on Twitter that the cyberattack had been “confirmed to him by a source within the ministry”.

EURACTIV France confirmed that the ministry’s services detected technical traces of an intrusion. Still, the extent of the attack, the nature of the documents stolen, and the ransom amount remain unknown for now.

Lockbit 2.0 also claimed responsibility for a similar attack on the services of Saint-Cloud’s town hall in the outskirts of Paris. French daily Le Parisien reported that the town’s mayor had already announced that he would not pay a ransom.

Contacted by EURACTIV, the French National Agency for Information Systems Security known as ANSSI was not available by the time of publication.

It is still difficult to judge whether this could be a PR stunt carried out by the hackers ahead of the French presidential election or a threat based on genuinely sensitive data.

Lockbit 2.0 hackers have been very active in the past several weeks, however.

On 17 January, the group published nearly 1,320 internal documents after Thales Alenia Space, part of Thales group, did not pay a ransom.

The cyberattack comes a day after the Court of Auditors published a report on the digital transformation of the justice ministry, which points out that “a lot of work remains to be done” when it comes to the security of its information systems.

The hacking is also part of the recent boom in attacks, particularly ransomware. In ransomware attacks, hackers use malware to infiltrate systems and encrypt data. To restore access to the encrypted data, they usually demand exorbitant sums of money.

Compared to 2019, the number of reports linked to this type of cyber threat has increased fourfold, ANSSI wrote in its activity report for 2020. The French authority added that local authorities, hospitals, and industrialists were the primary victims of these attacks.

EU and French cybersecurity heads call for greater cooperation, extra resources

The heads of the European and French cybersecurity agencies, who spoke to French senators on Thursday morning (6 May), called for more cooperation between EU countries and additional resources, pointing to much higher spending on cybersecurity in the United States.

[Edited by Luca Bertuzzi/ Alice Taylor]


This stakeholder supports EURACTIV's coverage of Cybersecurity. This support enables EURACTIV to devote additional editorial resources to cover the topic more widely and deeply. EURACTIV's editorial content is independent from the views of its supporters.


Subscribe to our newsletters