French authorities are currently investigating potential “foreign interference” linked to malware discovered on a passenger ferry. The remote access trojan (RAT) malware has raised significant security concerns due to its capability to allow remote control over the ferry’s operating systems, as reported by Le Monde.
Interior Minister Laurent Nuñez explained during an interview with France Info radio that hacking into a vessel’s data-processing systems is a serious issue. He confirmed that investigators are looking into the possibility of foreign interference, though he refrained from naming specific countries, only hinting that “one country is often behind foreign interference” in these contexts.
The Paris prosecutor’s office has already opened an investigation into what appears to be an organized attempt to attack an automated data-processing system, suspected to serve the interests of a foreign power. This underscores the gravity of the situation, as breaches in maritime technology can have far-reaching implications for security.
Arrests Made in Connection to Malware Discovery
Two crew members from the ferry were detained following identification by Italian authorities. The detainees included a Latvian and a Bulgarian national, but the Bulgarian was released shortly thereafter.
The Latvian crew member was arrested after malware was found aboard the ferry named Fantastic, which can carry up to 2,000 passengers, while it was docked in the Mediterranean port of Sète, France. The Italian shipping company GNV, which operates the ferry, reported that it had alerted authorities about an attempted intrusion into their computer systems, asserting that they had successfully neutralized the threat without significant consequences.
Christian Cevaer, the director of the France Cyber Maritime monitor, highlighted the severe risks posed by any attempt to commandeer a ship, emphasizing that such actions could lead to dire physical consequences for passengers and crew alike. He noted that installing the malware would likely require a physical component, such as a USB key, indicating potential complicity from within the crew.
The investigation has been escalated under the oversight of France’s domestic intelligence service, the General Directorate for Internal Security (DGSI), illustrating the importance attributed to this case. Following the discovery, the Fantastic was cordoned off for inspections, leading to the seizure of several items related to the investigation. Subsequent technical evaluations determined that there was no immediate danger to passengers, allowing the ship to resume operations.
Further investigations are also underway in Latvia, supported by Eurojust and local authorities, to deepen understanding of the broader implications of this case.
Link to Recent Cyber Attacks
This incident comes on the heels of a separate cyberattack on the French Interior Ministry, which also provoked alarm about the security of sensitive data. A 22-year-old suspect was arrested in connection with this earlier breach, which involved unauthorized access to several document files, suggesting a growing trend in cyber intrusion attempts against vital institutions.
Minister Nuñez referred to this incident as more serious than previously thought, confirming that compromised files included sensitive criminal records. The scale of the breaches remains under scrutiny, adding to the urgency of securing both maritime and governmental cybersecurity.
The implications of these cyber threats reach far beyond immediate operational concerns, stirring apprehensions about national security and the safety of critical infrastructure.
