Fifteen Organizations Attacked Through Centreon Monitoring Tool

Fifteen organizations have been attacked via monitoring tool Centreon, the French National Office for Information Systems Security (ANSSI) told the developer of the same name. Centreon allows organizations to monitor their IT environment, such as applications, systems and networks. It is comparable to the well-known monitoring program Nagios.

ANSSI issued a warning Monday that it has observed attacks in which attackers were able to compromise organizations' Centreon servers and carried out further attacks from there. How the attackers managed to gain access to the Centreon environment, the ANSSI could not say.

The developer has now responded to the French agency's warning , stating that this is not a 'supply chain attack', as was the case with SolarWinds' monitoring software. In addition, Centreon reports that the attacked organizations were running an outdated version of the software and had configured it in an insecure way, allowing attackers to gain access from the Internet.

Despite the comment about the outdated software and its configuration, Centreon also does not know how the attackers managed to get in. However, the developer will inform and support customers and partners that they are using the latest version and that they apply good "computer hygiene". The attack campaign would have ended, according to ANSSI. It took place from 2017 to 2020.

Previous Post Next Post