French IT monitoring company's software targeted by hackers

(Reuters) — Hackers have spent up to three years breaking into organizations by targeting monitoring software made by the French company Centreon, France's cybersecurity watchdog said Monday.

The watchdog, known by its French acronym ANSSI, stopped short of identifying the hackers but said they had a similar modus operandi as the Russian cyberespionage group nicknamed “Sandworm.”

Centreon said Tuesday that none of its customers were affected by the hacking campaign. The company's clients include some of the biggest French companies, such as utility EDF, telecom company Orange and Europe's biggest bank, BNP Paribas.

The targeting of Centreon, a Paris-based company that specializes in information technology monitoring, further highlights how attractive such companies are to digital spies.

U.S. cybersecurity officials are still trying to get their hands around an ambitious espionage campaign that hijacked IT monitoring software made by Austin, Texas-based SolarWinds. U.S. officials, who have blamed Moscow for the hacking, have hinted that other companies have been hit in similar ways.

Earlier this month Reuters reported that suspected Chinese hackers also targeted SolarWinds customers, using a different and less serious bug to help spread it across their victims’ networks.

The initial vector for the campaign of intrusions that targeted Centreon software was not known, ANSSI said in a 40-page report posted on its website. It said it had discovered intrusions dating back to late 2017 and stretching into 2020.

The watchdog did not identify the names or number of victims involved but said they were mainly IT services companies such as internet hosting providers.

Centreon's website says it has more than 600 enterprise clients across the world, including the French Ministry of Justice.