French authorities are investigating a serious cyberattack plot that could have allowed remote control of an international passenger ferry. A Latvian crew member has been detained, accused of acting on behalf of an unidentified foreign power.
Details of the Investigation
The case came to light after intelligence shared by Italian authorities alerted France’s counterespionage agency to suspected malware on a ferry docked in Sète, a Mediterranean port in France. The software in question, known as a Remote Access Trojan (RAT), is capable of granting full remote control over computer systems.
Officials state that the malware could have compromised the ferry’s computer systems, potentially allowing external actors to take control of the vessel. The exact intentions behind the attack remain unclear, although Interior Minister Laurent Nunez described the incident as “very serious.” While no country has been officially named, France suspects Russia, given its ongoing allegations of hybrid warfare tactics.
Hybrid Warfare and Cyberattacks
France, along with other European allies of Ukraine, has accused Russia of waging hybrid warfare that includes sabotage, assassinations, cyberattacks, and disinformation campaigns. These hostile acts are often difficult to attribute directly to Moscow, making them a persistent security threat. This incident underscores the growing trend of state-sponsored cyberattacks targeting critical infrastructure.
Arrests and Ongoing Inquiry
French police arrested two crew members—one Latvian and one Bulgarian—based on leads from Italian authorities. The Bulgarian individual was released after questioning, but the Latvian national remains in custody on charges of criminal conspiracy and hacking offenses.
Raids were also conducted in Latvia as part of the ongoing investigation. The ferry has since resumed operations after undergoing security checks of its computer systems.
Significance
This case highlights the vulnerability of maritime infrastructure to cyberattacks and the increasing sophistication of foreign interference. The incident raises questions about the effectiveness of cybersecurity measures on international transport and the challenges of tracing cyberattacks to their origin. The investigation is ongoing, and further details may emerge as authorities continue to examine the evidence.
