Cyber Incident Victim: France
Date:
May 2024
Location:
New Caledonia
Summary
A cyberattack described as of "unprecedented force" targeted New Caledonia's internet infrastructure, aiming to saturate the network through a distributed denial-of-service (DDoS) attack on a local service provider. Authorities indicated most attacking IP addresses appeared Russian-linked, with timing coinciding around a French presidential visit announcement. Conflicting reports emerged on targets: local digital officials cited ISP infrastructure saturation, while the Nouméa mayor referenced impacts on multiple organizations including banks; investigators confirmed unspecified institutions were affected. The attack was contained through rapid intervention by national cybersecurity agencies, though no group claimed responsibility. Analysts noted the archipelago’s single telecom entry point historically increases vulnerability to such saturation attacks, with precedents of similar disruptions in Pacific islands.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 22, 2024, Christophe Gygès, a New Caledonian government official responsible for digital affairs, announced that a cyberattack of "unprecedented force" had targeted a local internet service provider overnight. The attack aimed to saturate the territory's internet network through distributed denial-of-service (DDoS) techniques, flooding infrastructure with connection attempts to block legitimate access. Gygès reported that most attacking IP addresses appeared to originate from Russia and noted the timing coincided with French President Emmanuel Macron's surprise visit announcement. Network monitoring tools confirmed abnormal volumes of suspicious traffic during the incident. Government cybersecurity services, including France's National Agency for Information Systems Security (ANSSI), intervened rapidly to contain the attack.
Conflicting accounts emerged regarding the attack's scope. While Gygès characterized it as a DDoS against an ISP, Nouméa Mayor Sonia Lagarde described simultaneous attacks affecting "a huge number of organizations," specifically citing banks. The Paris prosecutor's cybercrime unit, which assumed control of the investigation from Nouméa authorities, confirmed the operation targeted "several institutions in New Caledonia" without identifying specific entities. No group claimed responsibility for the attack despite the common practice of state-linked actors publicly taking credit for such operations. Historical context revealed prior DDoS incidents in New Caledonia, including a 2016 attack, and cybersecurity expert François Deruty highlighted structural vulnerabilities in island networks due to centralized telecom entry points managed by the Post and Telecommunications Office. Similar saturation attacks had disrupted French Polynesia's internet in 2018 through a single teenager's actions. Authorities continued analyzing the incident as ANSSI remained silent on the matter at the time of reporting.