Subj : French government hit by
To   : All
From : Mike Powell
Date : Tue Dec 16 2025 08:58 am

French government hit by cyberattack - Interior Ministry confirms email
systems hit

Date:
Tue, 16 Dec 2025 10:26:52 +0000

Description:
Speculation rises over the identity and motives of unknown hackers.

FULL STORY

The French Interior Ministry has confirmed recently suffering a cyberattack,
but the consequences are still being determined.

The French Minister of Interior said the attack took place at night, between
December 11 and December 12. Email servers were compromised, allowing threat
actors to access some document files. However, it is currently unclear if
they managed to steal anything and if so - what exactly.

"There was indeed a cyberattack. An attacker was able to access a number of
files. So we implemented the usual protection procedures," Interior Minister
Laurent Nuez told local radio station RTL Radio . "It could be foreign
interference, it could be people who want to challenge the authorities and
show that they are capable of accessing systems, and it could also be
cybercrime. At this point, we don't know what it is."

Was it the Russians?

Other than that, details are scarce, as it isn't known exactly who was
responsible, or what they were looking for.

Initial reports speculate the attack might have been the work of APT28, an
advanced persistent threat actor linked to Russia's Military Intelligence
Service (GRU). Also known as Fancy Bear or Forest Blizzard, APT28 has been
attributed to many high-profile cyber-espionage campaigns throughout the
West.

For example, a recent report from the French National Agency for the Security
of Information Systems (ANSSI), APT28 usually targets government agencies,
research firms, think-tanks, and businesses in the French Defence
Technological and Industrial Base.

They also target aerospace organizations, and other firms in finance and
economy. For years, APT28 was targeting Roundcube email servers as well,
harvesting vital data from governments and diplomats across North America and
Europe.

In July 2025, the UK National Cyber Security Centre (NCSC) warned about APT28
targeting Microsoft 365 accounts with specialized malware called Authentic
Antics.

======================================================================
Link to news story:
https://www.techradar.com/pro/security/french-government-hit-by-cyberattack-in
terior-ministry-confirms-email-systems-hit

$$
--- SBBSecho 3.28-Linux
* Origin: Capitol City Online (1:2320/105)

You are viewing proxied material from cvs.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.