August 6th – Located in the heart of Paris, the Grand Palais Réunion des musées nationaux (Rmn) has reported a cyber attack.
The Grand Palais Rmn is a public cultural establishment. At the moment, it’s hosting major art exhibitions and cultural events in conjunction with the Olympic Games.
How the cyber attack happened
The evidence available to-date shows that cyber criminals may have hijacked the account of an individual who worked with Grand Palais Rmn. The credentials are believed to have been stolen by info-stealer malware. This ultimately resulted in a ransomware attack.
Cyber attack impact
The ransomware attack led to the shutdown of computer systems across museums and adjacent bookstores/boutiques throughout France.
Claims that the ransomware attack significantly affected other museums remains under investigation.
Within the RMN network, both the Grand Palais and the Château de Versailles are hosting Olympic-related events.
Cyber attack mitigation
The cyber criminals who started the incident allegedly left a ransom note demanding payment in cryptocurrency. Failure to comply would result in leaked data.
Grand Palais Rmn informed ANSSI — the French cyber security task force — about the incident, among other prominent groups of officials. Network restoration is underway.
“As for the 36 museum shops managed by the Grand Palais Rmn, they are operating normally and autonomously, and the museums and their shops remain open to the public under usual conditions,” notes an announcement.
For more on this story, click here. Lastly, to receive cyber security thought leadership articles, groundbreaking research and emerging threat analyses each week, subscribe to the CyberTalk.org newsletter.