Local communities continue to be affected by cybercriminal groups. According to information from France Bleu Drome Ardèche dated Wednesday April 6, it is the turn of the Ardèche departmental services to be the target of a cyber attack.
In a press release, the services of the region indicated last week that the incident had led to the temporary immobilization of the network to limit the impact and that restarting it would take several days. But the department also specifies that the citizens were not directly affected by the incident and that no data leak had been detected by its IT teams.
On its Tor site, the Lockbit 2.0 ransomware group claimed to be behind the attack and announced that it will release stolen files if no ransom is paid by the victim by April 13. The group does not give more details for the moment on the nature or the volume of the data that it threatens to disseminate.
Lockbit isn’t the most believable
Lockbit 2.0 is a group commonly associated with the use of ransomware, but also specializes in so-called “double extortion” tactics. These consist of demanding a ransom for the decryption key of the files as well as to prevent the dissemination of data stolen during the cyberattack carried out upstream.
Lockbit is a particularly active group that frequently announces new victims on its site. But the group is also known to artificially inflate its catches: this was already the case when the group claimed to have hacked into the systems of the French Ministry of Justice, only to reveal data belonging to a law firm based in Caen. An investigation by Mag IT had also shed light on the way the group inflated the number of its victims, estimating that of around 400 victims announced on the site, around 60 were false.
We will therefore wait to see Lockbit’s hand before deciding on the scope of the hacking that the group claims, the departmental services of Ardèche having identified no data theft on their side.
Computer attacks targeting local authorities nonetheless remain a serious threat to these organisations. Many local communities have neglected investments in IT security in recent years, making them easy targets today for cybercriminal groups looking for potential victims. The government has tried to reverse the trend by granting new budgets to local authorities: in 2021, part of the 136 million euros of the recovery plan was thus allocated to securing municipalities and local authorities.