The Greater Paris wastewater agency, known as SIAAP, which oversees wastewater management for approximately nine million people in and around Paris, has experienced a cyberattack. The agency detected the attack on Friday and promptly filed a complaint with the judicial police and the National Commission on Informatics and Liberty (CNIL).
To mitigate the impact, SIAAP’s IT teams have been working since Wednesday to secure industrial systems and cut off external connections. While the attack’s origin remains undisclosed, ransomware gangs targeting critical services have increasingly focused on water authorities due to the sensitive customer information they possess.
In response to the cyber incident, SIAAP has activated a crisis unit and lodged a complaint, signaling the severity of the situation. The agency’s IT teams have taken proactive measures to secure their systems and prevent the attack from spreading further.
The priority is to ensure the continuity of the public sanitation service for residents in the Ile-de-France region. SIAAP has set up local systems to address public inquiries and is in constant communication with various government agencies. An emergency order has been issued to authorize the hiring of external cybersecurity firms and the acquisition of necessary equipment to recover and restore essential systems.
Despite the absence of a claim from any hacking group, the attack underscores the vulnerability of critical infrastructure, with water authorities becoming prime targets for cybercriminals seeking to disrupt essential services and gain access to sensitive data.
The agency remains dedicated to managing the aftermath of the attack and supporting its agents, emphasizing the ongoing efforts to return to normalcy while facing challenges in the current degraded working environment.