The city of Caen was targeted by a major cyberattack on Monday, September 26, 2022. All the town hall’s IT services are offline. By extension, civil status services are also suspended. A crisis cell was held on Tuesday morning.
After the ransomware that affected the Corbeil-Essonnes hospital on August 22, 2022, it is now the turn of the city of Caen to be the victim of a major cyberattack. A first in the history of the Norman city. Here are the facts.
This Monday, September 26, 2022 around 4 p.m., the firewalls give the alert. An intrusion is detected in one of the city’s mail servers. “We have been alerted by unusual behavior from our servers. The time to bring together the crisis unit, the servers were isolated at 4:28 p.m. and the users warned”, explains the cabinet of the mayor of Caen, Joël Bruneau, in the columns of the newspaper Ouest France.
The servers of the city of Caen are knocked out
As specified by the town hall, the attack is massive, with about ten intrusion attempts per second. To ensure data security, all servers in the city are shut down. “Backups have been isolated in order to secure them and the file servers turned off”, says the mayor. However, no more city hall website works. This is particularly the case of the municipal site of course, but also that of the Community of Caen La Mer.
What upset the daily life of the inhabitants, since civil status services are also suspended until further notice. Birth and death certificates are registered manually, while it is impossible to make an appointment to pick up one’s identity card or passport. You have to get there with your fingers crossed. Otherwise, the mailboxes in @caen.fr no longer work as well.
A crisis unit to strengthen security
This Tuesday morning, the city of Caen held a crisis unit. A company specializing in computer security was particularly expected to help the town hall teams to secure the networks. The servers should remain on standby all day, the time to carry out the various necessary checks. Note that the city has filed a complaint.
Regarding the identity of the hackers behind this attack or their motivations, the vagueness remains for the moment. Especially since the hackers did not demand a ransom at a time when ransomware attacks are legion. For several years now, French public services and institutions have become prime targets for hackers. We remember, for example, this attack directed against the Ministry of Justice in January 2022, or the hacking of the Health Insurance site in June 2022. The health data of a million French people had ended up on sale on the Web.
Source: West France