Supply chain
⛓ Supply Chain
Airbus, Air Caraïbes, ArcelorMittal, BT, Luxottica, Kuehne + Nagel, Ministère de la Justice français, New Zealand Police, PWC Russia, Salomon, Sanofi, and Sephora (possibly) Third-Party Breach (February 2021)
Primary Source ↗Incident Details
Hackers Exploit IT Monitoring Tool Centreon to Target Several French Entities. Russia-linked state-sponsored hackers Sandworm targeted IT monitoring software company Centreon in a three-year-long stealthy operation. Russia-linked state-sponsored threat actor known as Sandworm has been linked to a three-year-long stealthy operation to hack targets by exploiting an IT monitoring tool called Centreon. The intrusion campaign — which breached “several French entities” — is said to have started in late 2017 and lasted until 2020, with the attacks particularly impacting web-hosting providers, said the French information security agency ANSSI in an advisory. Third-party company: Centreon.
Technical Details
- Initial Attack Vector
- Compromise of third-party service provider / vendor relationship
- Vendor / Product
- Centreon
- Supply Chain Attack
- ✅ Confirmed third-party / vendor compromise
Timeline
- 2021-02-01 Breach occurred
- 2021-02-16 Publicly disclosed