The French government’s finance ministry has been forced to shut down some 10,000 computers in a bid to stave off cyberattacks on its systems originating from IP addresses in China. According to reports, the attack is focusing on documents and information on international affairs related to the G20 group of nations; France holds the rotating presidency of the G20 this year.
The attacks appear to have compromised about 100 computers in the ministry’s central services division, and obtained documents with potentially sensitive information. Various reports indicate the attacks started in December 2010, and have been a sustained effort by determined hackers. The ministry runs about 170,000 computers; the ministry took about 10,000 of them offline in a bid to shut down the attacks. The machines should be back online today.
French president Nicholas Sarkozy has stated his objective leading the G20 is a substantial reform of the world finance and trade system in order to prevent the sort of imbalances that lead to the current economic downturn. Key points of Sarkozy’s plans include a worldwide tax on certain types of financial transactions and an increased emphasis on development aid.
Patrick Pailloux, the director general of the French National Agency for Information Technology, has described the attackers as organized professionals, and that the actions were the first online attack of this size and scale to target the French state. Although the ministry describes the attacks as originating in China, they gave no indication of who they believe might be ultimately responsible for the attacks. Possibilities include foreign governments, unaffiliated “hacktivists,” and cybercriminals.
