France is once again in the sights of cybercriminals. Between Tuesday, December 31, 2024 and January 1, 2025, a hail of DDoS attacks (Denial of Service Attacks) hit French communities. The websites of many major cities in France were temporarily inaccessible to Internet users. This is also the case for the websites of several French companies.
A long list of victims
Among the victims, we find the regional council of Centre-Val de Loire, the Chamber of Commerce and Industry (CCI) of Hauts-de-France, the portal of the city of Montpellier, the departments of Eure and Aude, the cities of Nantes, Bordeaux, Poitiers, Pau, Nîmes, Nice, Angers, Le Havre, Montpellier, Tarbes, Marseille and the departments of Landes, Haute-Garonne, French Polynesia and New Caledonia. The list is not exhaustive. Up to twenty sites went down.
As always in the context of denial of service attacks, the damage caused is ultimately limited. A DDoS attack simply involves overloading a website’s servers with a huge number of requests, which hinders access to the website for a period of time.
To send these connection requests, hackers usually use devices compromised by a botnet. However, attacks of this type are not accompanied by a data leak or other types of damage. Once the requests stop, the site is back online. In fact, many of the targeted sites are now accessible.
The Paris prosecutor’s office has taken charge of the case and has entrusted the investigation to the General Directorate of Internal Security. The prosecutor’s office indicates that an investigation has been opened for obstruction of an automated data processing system (STAD) by an organized gang. At the same time, the French authorities are urging local authorities to strengthen their cybersecurity measures.
The mayor of Nice, Christian Estrosi, denounced on the social network X a "serious and unacceptable act". He announced that a complaint would be filed and that a report would also be made to the National Agency for the Security of Information Systems (ANSSI).
An attack claimed by pro-Russian hackers
The wave of cyberattacks was quickly claimed by the pro-Russian hackers NoName057(016). On their X account, they religiously listed all the targets of their DDoS attacks in France. The hackers claim that the French authorities are "Russophobic". Through their Telegram channel, they specify that these attacks aim to punish France for its support for Ukraine in the context of the war against Russia. The gang promises "DDoS shells" against French sites.
Appearing in 2022 in the wake of the conflict, NoName is one of the 80 collectives of Russian and pro-Russian hackers who regularly target the institutions of Western countries supporting Ukraine.
This is not the first time that the cybercriminals of NoName057(016) have attacked France. Two years ago, the hackers had already taken down the websites of the National Assembly and the Senate. In the past, the gang has made a name for itself by targeting other European countries, Canada, and Ukrainian institutions. In the wake of the New Year's Eve 2025 attacks, the NoName057(016) hackers have also targeted other countries considered enemies of Russia, such as Taiwan.
Another wave of DDoS attacks in France
Furthermore, France has suffered a host of denial-of-service attacks over the past year. In March 2024, several French government sites were taken offline following a wave of attacks orchestrated by Anonymous Sudan hackers. A few months later, a similar series of attacks hit France following the arrest of Pavel Durov, the CEO and founder of Telegram.
DDoS attacks are often carried out by hacktivist groups seeking to convey a political message or protest. According to Benoît Grunemwald, they are mainly propaganda operations. Despite the efforts made by law enforcement to cut the grass under the hackers’ feet, experts estimate that DDoS attacks are likely to accumulate in 2025. This type of cyberattack has also been identified as one of the nine major threats looming over the year that has just begun.
0 Comments