The claim fell this weekend on a Darknet blog in the midst of other victimized companies in Italy or Austria. Bolloré Transport & Logistics, a subsidiary of the Bolloré group, notably in the Democratic Republic of Congo (DRC), was the target of "ransomware", that is to say ransomware from the NetWalker group.
The attackers infiltrated the computer network and stole large amounts of data from a logistics branch in the DRC. But nothing excludes that the virus, specializing in large corporate networks, has not spread to other entities.
In a press release, the company admitted that it had been "the target of a ransomware-type cyber attack on part of its servers" on May 14.
A sample of online files
"Bolloré & Transport Logistics RDC immediately took specific protective measures to stop the spread of ransomware." The incident was "circumscribed" insists the group contacted by us. And to specify: "Investigations are underway in order to assess the nature of the information which could have been made accessible to third parties".
Part of the answer is to be found on the alternative TOR Internet network. Cybercriminals have published evidence of their actions there, with screenshots of accounting and invoice files for local and international clients and providers. Some cases date back to 2010, but the most recent dates from mid-May.
As has been the case since the beginning of the year, attackers are now threatening to widely disseminate the stolen data if a ransom is not paid to them. But they are distinguished, with agonizing detail, from other cybercriminal groups, such as Maze, who attacked the Bouygues Construction group.
A complaint filed
“In a unique way, the site that publishes stolen files is in automatic mode and with a countdown. When the countdown ends, the data is published automatically and accompanied by the password necessary to access it, ”explains Brett Callow, cybersecurity expert at Emsisoft.
This means that their loot is already stored online on a server ready for distribution and that a download link will appear in case of payment refusal. Failure to settle is the solution recommended by the authorities in the event of a cyber attack, as there is no guarantee that the hackers will respect their part of the extortion "contract".
Newsletter - The essentials of the newsEvery morning, the news seen by Le Parisien
Your email address is collected by Le Parisien to allow you to receive our news and commercial offers. Find out more
In the case of Bolloré, the counter was set at one week before the disclosure of the data. Bolloré & Transport Logistics has filed a complaint in the Democratic Republic of Congo.