For 6 days now, the construction arm of the Bouygues group has been the victim of a computer attack.
According to reports, the hackers used ransomware called Maze. Hackers on this subject are claiming the sum of 10 million euros to not only allow Bouygues Construction to decrypt its encrypted data, but also not to disclose more than 200 GB of computer data stolen from the company. What is surprising about this story is that the attack just came at the end of the famous international cybersecurity forum.
The information of the computer hack was confirmed on the 1st January by the French group, which wanted to note this: "As a measure of information systems have been shut down to avoid any propagation. »
if every effort is made to ensure that a return to normality is possible in the the shortest time, however, this act of cybercrime represents a what the world of computer security will be for 2020. concretely here are the three things you need to remember about the Bouygues construction attack.
1- The nature of the computer attack
According to the information that has been spread in various media and according to certain statements of the French company, the attack suffered by Bouygues construction would be ransomware type. The program is said to have spread "from the group's servers in Canada (located in Toronto and Vancouver) to reach its entire information system. " quotes the computer security site, Zataz. The program used is called Maze. A ransom of about 10 million euros was demanded by hackers for not releasing data stealing from a volume of 200 GB.
The Maze program is a malware qualified in the category of Ransomware-as-a-Service. "Maze is operated by at least one cybercriminal group specializing in Big Game Hunting," the ANSSI report noted. Subsequently a group of hacker was mentioned. TA2101 "If Maze was initially distributed through sites trapped using exploit kit (Fallout EK, Spelevo EK) and in the colors of fake cryptocurrency exchange platforms, new attack campaigns took place from the end of October 2019 relying on malicious emails allegedly from Italian, German or American state agencies. ». Indeed, it was held that a security company called Allied Universal and another Southwire suffered an attack through the same computer program.
2- Threats against Bouygues construction
According to its modus operandi, the Maze computer program threatens its victims to reveal their stolen data, if only French company refuses to pay the ransom: "If they don't pay the full dump from their servers will be released to the public. And then they can be sure they will be ruined in lawsuits. ». It could even be the same that was used against the money transfer company Travelex last month.
3- How Bouygues' computer system is doing Telecom?
In a statement the French group said: "The equipment is gradually being put back into service after being tested (…)The operational activity of the sites is not disrupted to date. ».However, we learn that experts from Microsoft and McAfee were automatically dispatched to help restore the French group's system. Bouygues Construction promises to make a new release the coming week.
Now access an unlimited number of passwords: