Cyberattack Hits Grand Palais RMN, Limited Impact Reported
What Happened?
Between Aug. 3 and 4, the Réunion des Musées Nationaux et Grand Palais (RMN), a French cultural institution overseeing numerous museums and exhibitions, fell victim to a purported ransomware attack. Ransomware is a type of malicious software (malware) that locks users out of their systems or data until a ransom is paid. The attack targeted RMN’s computer systems, which manage financial data for its various affiliated institutions.
Immediate Response and Investigation
The organization promptly responded to the attack. According to their Aug. 6 press release, there was no evidence of data being stolen (data exfiltration). The French Anti-Cybercrime Brigade, a special police unit, has launched an investigation into the incident. In France, unauthorized access to a computer system is punishable by up to three years in prison, with additional penalties for altering or deleting data.
Impact on RMN Activities
Despite initial concerns, the impact on RMN's operations appears minimal. Initially, there were fears that significant institutions, like the Louvre, might be affected. However, the Louvre's management denied any impact. The Grand Palais director specified that the attack was limited to RMN's internal network of shops and did not affect other activities. Precautionary measures were taken swiftly, including disconnecting vital systems and engaging the French Computer Security Agency.
Olympics-Related Activities
The Grand Palais complex has been hosting various Olympics-related events, such as fencing and Taekwondo competitions. Despite the cyberattack, these events proceeded as planned. According to RMN, all associated shops and museums remain open to the public under normal conditions.
Expert Opinions
Dr. Martin J. Kraemer from KnowBe4 commented on the situation, stating that cyberattacks during major events like the Olympics were anticipated. However, he suggested that this attack seemed underwhelming compared to other ransomware incidents. He also raised the possibility that the ransomware attack might have been a cover for another malicious activity.
Josh Jacobson from HackerOne added that the threat of cyberattacks remains significant throughout the event. Risks include fake ticketing sites, social engineering campaigns, and phishing attacks targeting venues, attendees, and spectators.
In summary, while the RMN cyberattack was a cause for concern, its swift response minimized the impact. The ongoing investigation and increased vigilance during the remainder of the Olympic Games underscore the importance of robust cybersecurity measures.
