France once again finds itself in the sights of cybercriminals. Between Tuesday December 31, 2024 and January 1, 2025, a rain of DDoS attacks (Denial of service attack) has swept through French communities. The sites of many large cities in France found themselves temporarily inaccessible to Internet users. This is also the case for the websites of several French companies.
Also read: Cyberattacks in France – the latest data leaks and companies affected
A long list of victims
Among the victims, we find the regional council of Centre-Val de Loire, the Chamber of Commerce and Industry (CCI) of Hauts-de-France, the portal of the city of Montpellier, the departments of Eure and Aude, the cities of Nantes, Bordeaux, Poitiers, Pau, Nîmes, Nice, Angers, Le Havre, Montpellier, Tarbes, Marseille and the department of Landes, Haute-Garonne, French Polynesia or New Caledonia. The list is not exhaustive. Up to twenty sites fell.
As always in the context of denial of service attacks, the damage caused are ultimately limited. A DDoS attack simply involves overloading a website's servers with a huge amount of requests, hindering access to the website for a period of time.
“The distributed denial of service attack is the act of sending a lot of automatic requests to a website made by robots which have no intention of consulting the site at all but which saturate it so that people who would legitimately want to consult it cannot do so”explains Benoît Grunemwald, security expert at ESET France.
To send these connection requests, hackers typically use devices compromised by a botnet. However, attacks of this ilk are not accompanied by data leakage or other types of damage. Once the requests stop, the site is back online. Moreover, a large part of the targeted sites are now accessible.
The Paris prosecutor's office took charge of the case and entrusted the investigation to the General Directorate of Internal Security. The prosecution indicates that an investigation has been opened for obstructing an automated data processing system (STAD) in an organized group. At the same time, the French authorities are urging communities to strengthen their cybersecurity measures.
The mayor of Nice, Christian Estrosi, denounced on the social network “serious and unacceptable act”. He announced that a complaint will be filed and that a report will also be made to the National Information Systems Security Agency (ANSSI).
An attack claimed by pro-Russian hackers
Quickly, the wave of cyberattacks was claimed by pro-Russian hackers NoName057(016). On their X account, they have religiously listed all the targets of their DDoS attacks in France. Hackers claim French authorities are “Russophobes”. Through their Telegram channel, they specify that these attacks aim to punish France for its support for Ukraine as part of the war against Russia. The gang promises “DDoS shells” against French sites.
Appearing in 2022 in the wake of the conflict, NoName is one of 80 Russian and pro-Russian hacker collectives which regularly target institutions in Western countries supporting Ukraine.
« Ukraine received more than 150 million euros from Denmark, France and Lithuania to support the defense industry », Points out the collective on Telegram.
This is not the first time that NoName057(016) cybercriminals have attacked France. Two years ago, hackers had already brought down the sites of the National Assembly and the Senate. In the past, the gang has stood out by targeting other European countries, Canada and even Ukrainian institutions. In the wake of the New Year 2025 attacks, the NoName057(016) hackers also attacked other countries considered enemies of Russia, such as Taiwan.
Yet another wave of DDoS in France
Furthermore, France has suffered a host of denial of service attacks over the past year. In March 2024, several French government sites found themselves offline following a wave of attacks orchestrated by Anonymous Sudan hackers. A few months later, a barrage of similar offensives swept across France following the arrest of Pavel Durov, the CEO and founder of Telegram.
Very often, DDoS are carried out by hacktivist collectives seeking to convey a political message or to protest. For Benoît Grunemwald, these are above all propaganda operations. Despite efforts by law enforcement to pull the rug out from under hackers, experts believe that DDoS attacks likely to accumulate in 2025. This type of cyberattack has also been identified as one of the nine major threats looming over the year that has just begun.
???? To not miss any news from 01net, follow us on Google News and WhatsApp.
