For those who doubted it, the Russian bear has come out of its den. Anssi has just taken advantage of the presentation of its latest threat overview, unveiled this Tuesday, February 27, to denounce malicious cyber actions coming from Russia. The proof of “uninhibited aggressiveness”, underlines Vincent Strubel, the general director of the agency.
According to the French cyber-firefighter, who refuses to make any formal attribution, the year 2023 was, for example, marked by an upsurge in espionage carried out “by means of operating methods publicly associated with the Russian government against organizations located In France”.
Pre-positioning
Above all, in terms of attempts to sabotage critical infrastructure, one of Anssi’s biggest points of attention, the agency observes numerous actions that can be compared to pre-positioning or reconnaissance. So many positions that could make it possible to launch destructive action when the time comes which are “almost exclusively the work of actors affiliated with Russia”, deplores Vincent Strubel.
One sighting may be because these attackers aren’t really hiding. ComCyber cybermilitary personnel recently noted the lack of concealment efforts by the attackers from Moscow. As for Viginum, the government service specializing in the detection of foreign digital interference operations, it has just identified Portal Kombat, a structured, coordinated pro-Russian propaganda network.
Increased threat
“This is an overall movement which is not limited only to cyber”, summarizes Vincent Strubel, obviously referring to the geopolitical context with the war led by Russia in Ukraine. Russian-affiliated actors are not the agency’s only adversaries, however. Example with the espionage actions monitored by Anssi: the majority of attackers are actors affiliated with China, a “permanent source of pressure”.
Overall, the agency believes that attackers linked to China, Russia and the cybercriminal ecosystem “are the top three threats.” All against a backdrop of increased threat. Anssi counted 3,703 security events brought to its attention last year, compared to 3,018 in 2022, and 1,112 incidents, compared to 832 the previous year. An increase which is reflected in ransomware attacks, up 30% in 2023, an upsurge also deplored by the courts.