Europe 1 with AFP 12:30 p.m., March 12, 2024
Several state services have been the subject of computer attacks of “unprecedented intensity” since Sunday evening, but their impact “has been reduced”, according to information disclosed by Matignon.
Attacks claimed by different hacker groups including Anonymous Sudan.
Several ministries have been the subject of computer attacks since Sunday evening claimed by various hacker groups, including Anonymous Sudan.
Who are behind these hackers who support Russia and several Islamist causes?
Where do they come from ?
“It’s a group of hacktivists like many others,” says Gérôme Billois, cybersecurity expert from the company Wavestone.
It has become known in the cybercriminal landscape "for the multiplicity of its attacks and its excessive activity", underlines the expert.
Anonymous Sudan appeared in January 2023, “around a logic of defense of Sudan, and rather Islamist”.
It takes its name from the Anonymous collective, a group of hackers and activists well known since the early 2010s, whose surname has become a standard bearer for these new types of cybercriminals.
The latter act without asking for ransom and recruit sympathizers almost everywhere.
They can have several dozen or hundreds of members, sometimes paid in the event of a successful attack.
What are their motivations?
Their first major wave of attacks notably targeted Sweden after a Swedish far-right activist burned a copy of the Koran.
“These groups often target countries perceived as being against Islam or those supporting Ukraine,” Richard Hummel, a cybersecurity expert at Netscout, an American network specialist, analyzed in a note at the end of February.
If Anonymous Sudan began its attacks under the guise of fighting against the enemies of Islam, “over the course of their actions they gradually moved closer to pro-Russian hacktivist groups,” notes Gérôme Billois.
According to the specialized site Numerama, the concrete motivations of Anonymous Sudan "are not clear".
But this group, which communicates in Arabic and Russian, has “appeared on the cyber landscape by targeting enemies designated by Moscow”.
“They are capable of carrying out several attacks per month,” estimates the cybersecurity expert from Wavestone, for whom the group’s objective remains “to multiply the stunts so that people talk about them. "
What are their targets?
In March 2023, after the publication of caricatures in
Charlie Hebdo
, France was the target of several attacks targeting medical facilities, universities and airports.
The sites of Aéroports de Paris and the DGSI, the French intelligence services, are temporarily blocked.
These waves are claimed by Anonymous Sudan.
In its 2023 report on the computer threat published in February, the French computer security agency (Anssi) recalled that in August "the Anonymous Sudan group threatened France with reprisals in the event of intervention against the putsch in Niger, before redirecting its targeting against Israeli entities following the military offensive in the Gaza Strip.
Anonymous Sudan thus claimed responsibility for an attack on the electronic version of the
Jerusalem Post
newspaper , which was paralyzed for many hours.
The group also targeted companies, such as Microsoft in June.
How do they operate?
Anonymous Sudan mainly uses "denial of service" (DDoS) attacks, which consists of "filling the pipes with false requests for access to a website to saturate them", according to Gérôme Billois.
Effectively making the site unavailable for a limited period.
The effects of such an attack primarily affect the image of the targeted organization and can cause discomfort for the user in the short term.
Without endangering the information systems of the targeted organization.
“The depth of the attacks is often low (...) they only affect the surface of the website,” explains Gérôme Billois.
“But we must remain attentive because sometimes, these attacks serve as a diversion to attack in depth elsewhere.”