French cyber-security firm Stormshield, a major provider of security services and network security devices to the French government is breached by a threat actor who believed to stole information on some of its clients as reported by the company. In addition, the company also reported that the attacker stole the parts of the source code of its firewall Stormshield Network Security (SNS) used in sensitive networks within the French government. The company is now investigating the incident with French cyber-security agency ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information), which is currently assessing the breach’s impact on government systems.
<p>Attacks like these are particularly concerning, as they may have originated from state-sponsored bad actors. </p> <p> </p> <p>The fact that the attack was against a group that provides security services and network security devices to the French government, and that the attackers stole parts of the source code used in a firewall product used by the French government, suggests to me that the attack might have been state-sponsored.</p> <p> </p> <p>Also, in many cases like this, a hacker group will publicly claim responsibility for the breach. However, so far all well-known groups are staying quiet.</p>
<p>The big question in my mind is, who done it? Given this was an attack on a government security system and hackers inspected source code, it does not appear to be your typical data thieves looking for low-hanging fruit. The attack could have well been state-sponsored.</p> <p> </p> <p>All cyber-attacks are concerning, but those against cybersecurity companies are particularly worrying. This attack will no doubt damage Stormshield\’s reputation and future prospects, but time will tell if the French government actually decides to replace Stormshield or stick with it.</p>