After Enac, the INP Toulouse is in turn shaken by a large-scale cyberattack which still paralyzes its operation. Are the Grandes Ecoles targets for hackers?
Since September 12, impossible to connect to the website of the National Polytechnic Institute of Toulouse (INP *), no means either to join the switchboard, the establishment of the superior is isolated from the world.
The cyberattack suffered by this prestigious school of engineers and scientific research, born in 1969, reduced the operation of its three Toulouse establishments to a minimum, “the schools of Tarbes and Purpan are not adequate”, specifies the service. Communication. The INP has 3,400 students and 1,000 staff, teachers and administrators.
A large-scale attack
This large-scale computer attack, ransomware or ransomware, is accompanied, it is said, by a ransom demand, the amount of which is not revealed.
“We have filed a complaint, are suing the communication department of the INP Toulouse, made a statement to the Cnil [commission nationale information et libertés], and we are monitored by experts from ANSSI (National Agency for the Security of Information Systems). Faced with this cyberattack, the INP even called on a private company Intrinsec. Because everything works in slow motion.
“We work in degraded mode”
“For the moment, we are working in degraded mode, explains the school. The students have lessons, the researchers are in their laboratories and the administrative staff are adapting. Computer scientists are exploring our 500 servers, it’s colossal. Fortunately, some attacks were quickly stopped, but the deeper layers need to be checked. We hope to return to normal operation within a fortnight. »
For experts, like former gendarmerie commander Eric Aguilar, now a cybersecurity consultant, “it’s always the same problem with the big schools”, easy targets for computer piracy.
“The oil of information”
“What people are looking for is espionage, intelligence, the secrets held by these high-level schools, it’s a bit of information oil,” explains Eric Aguilar. In the archetype of hacking, we find everything related to the state, also young hackers but also much more structured networks that work on engineering. »
To ingest a “Trojan horse” extortionist of funds in the computer system of a high school, no need for big equations, assures Eric Aguilar. “There are often huge flaws on poorly secured workstations, he continues. Especially student positions, with an international back and forth, it becomes very easy to hack into a student’s account and then go into the school system. It’s as old as the world. »
The schools are secure, assures the expert, but not enough and the pirates are difficult to spot (Russia, Ukraine, northern Maghreb, etc.)
“It takes old everyone”
For higher education establishments, the note can be steep. Like the National School of Civil Aviation (Enac) which, after a cyberattack, risked the loss of these archives.
“Today we find viruses that systematically destroy the clusters, the data they attack, observes the former commander of the gendarmerie. The first chose active to do, it must be said again, is to train people. But for a long time, for companies, training brought nothing back in economic terms, yet we have to go back to basics. The cyberattack does not only affect the IT department but all employees”.
The INP Toulouse brings together five schools in one
* The INP brings together the National School of Electrical Engineering, Electronics, Computer Science, Hydraulics and Telecommunications (ENSEEIHT), the National School of Agronomics of Toulouse (ENSAT), the National School of engineers in chemical and technological arts (ENSIACET). Finally, the national engineering school of Tarbes and the engineering school of Purpan. In total: 3,400 students.