LATEST: French internet cables sabotage – what we know so far

A criminal investigation has begun into the apparently coordinated attack that left towns and cities across France suffering internet outages on Wednesday. Here's what we know so far.

LATEST: French internet cables sabotage - what we know so far
Fibre optic cables under Paris (Photo: Eric Piermont / AFP)

Internet and phone services were down or running slowly in multiple French towns and cities on Wednesday after fibre optic cables were cut overnight in suspected attacks on the crucial data infrastructure, telecom operators said.

The operators have now filed a joint complaint and a criminal investigation has begun into the attacks, which saw fibre-optic cables cut in multiple locations across France.

The criminal investigation was opened into “damaging property against the fundamental interests of the nation”, as well as attacking an IT system and criminal conspiracy.

What’s going on?

Slowdowns and outages were reported to internet services on Wednesday morning in several major French cities, following reported acts of vandalism on the fibre optic network.

The operators Free, Bouygues Telecom and SFR appear to have been the worst hit, with Orange saying its customers were not affected. 

Most areas managed to restore service by the end of Wednesday, although many people reported slower than usual service as operators switched to back-up networks.

What has caused it?

According to the operators, it was caused by fibre-optic cables being deliberately cut.

Michel Combot, director general of the FFT (Fédération française des Télécoms) told France Info: “It was an almost professional act – several coordinated attacks across the country with a few minutes.

“It is an attack of unprecedented scale.”

Operators reported that the cutting all appears to have happened at around 4am on Wednesday.

SFR says it was the victim of “well-structured malicious acts around 4am”, adding that the number of outages and their timing suggests a coordinated act.

Shortly before 12 noon, Free posted images on its Twitter timeline of cut lines.

Which tows were affected?

The Downdetector site, on which users can indicate disruption to services, peaks in reports of problems for Free users appeared around Paris, Lyon, Grenoble, Reims, Strasbourg and Lille, while the same site’s map for SFR users highlights increased issues in Paris, Troyes, Lyon, Nantes and Marseille.

The SFR infrastructure is also used by Bouygues Telecom and Free – and an estimated 100,000 Free customers have been affected, the company said. SFR has not yet audited the number of affected customers, while Bouygues said that it does not use the affected links. Orange customers are also not affected.

Who is responsible?

This is of course the big question, but it’s too early to say and an investigation has been launched. The government has been kept informed of progress.

Apparently, coordinated attacks on fibre optic cables are unprecedented.

“This sort of incident at this scale never happens,” one security source told AFP on condition of anonymity. “It’s the first time and we don’t know who it is for the moment.” 

In March 2020, fibre optic cables used for Orange’s network were intentionally cut in the Paris region, depriving tens of thousands of users of internet connections, although the latest attack is on a  much wider scale. 

Combot added that in recent years there has been a rising number of small-scale acts of vandalism on the telecoms network – burned pylons, cut cables etc – and called for tougher sentences to discourage the vandals.

Member comments

  1. In March, the damage to the Orange fibre network was widespread. In Charente-Maritime, ours among many thousands of households affected.

Log in here to leave a comment.
Become a Member to leave a comment.


Hackers post French hospital patient data online

Hackers who crippled a French hospital and stole a trove of data last month have released personal records of patients online, officials have confirmed.

Hackers post French hospital patient data online

The cyberattackers demanded a multimillion dollar ransom from the Corbeil-Essonnes hospital near Paris a month ago, but the institution refused to pay.

The hospital said the hackers had now dumped medical scans and lab analyses along with the social security numbers of patients.

“I condemn in the strongest possible terms the unspeakable disclosure of hacked data,” health minister François Braun tweeted on Sunday.

Hospitals around the world have been facing increasing attacks from ransomware groups, particularly since the pandemic stretched resources to breaking point.

The problem has been acute in France, where officials estimated early last year that healthcare institutions were facing on average an attack every week.

President Emmanuel Macron last year called the attacks during the pandemic a “crisis within a crisis” and announced an extra one billion euros for cybersecurity.

During last month’s attack, the Corbeil-Essonnes hospital shut down its emergency services and sent many patients to other institutions.

At one point, officials said the only technology still working was the telephone.

Rather than selling the trove of data, the hacker has dumped at least some of it for download on the “dark web” — a hidden part of the internet that requires special software to access.

Analysts said it seemed to be a tactic to put pressure on the hospital, even though public institutions are banned by French law from paying ransoms.

Cybersecurity researcher Damien Bancal, who revealed the leak and has seen the files, told AFP the worry is that other criminals will now launch scams with the data that has already been divulged.

In response to the leak on the weekend, the hospital severely restricted access to its systems and told patients to be extremely vigilant when receiving emails, text messages or phone calls.