{"id":267030,"date":"2020-12-11T08:46:22","date_gmt":"2020-12-11T07:46:22","guid":{"rendered":"https:\/\/www.stormshield.com\/?page_id=267030"},"modified":"2022-02-24T09:16:42","modified_gmt":"2022-02-24T08:16:42","slug":"incident-de-securite-stormshield","status":"publish","type":"page","link":"https:\/\/www.stormshield.com\/fr\/incident-de-securite-stormshield\/","title":{"rendered":"Incident de s\u00e9curit\u00e9 concernant un portail technique de Stormshield"},"content":{"rendered":"

[vc_row css_animation=\"\" row_type=\"row\" use_row_as_full_screen_section=\"no\" type=\"full_width\" angled_section=\"no\" text_align=\"left\" background_image_as_pattern=\"without_pattern\"][vc_column][vc_column_text]Le 04 d\u00e9cembre 2020, les \u00e9quipes Stormshield ont d\u00e9tect\u00e9 un incident de s\u00e9curit\u00e9 qui a entrain\u00e9 un acc\u00e8s non autoris\u00e9 \u00e0 un portail technique, utilis\u00e9 notamment par nos clients et partenaires pour la gestion des tickets de support sur nos produits.<\/strong><\/p>\n

Des donn\u00e9es personnelles et des \u00e9changes techniques associ\u00e9s \u00e0 certains comptes ayant ainsi pu \u00eatre consult\u00e9s ; nous avons imm\u00e9diatement averti les propri\u00e9taires des comptes concern\u00e9s et avons notifi\u00e9 les autorit\u00e9s comp\u00e9tentes. Par pr\u00e9caution, les mots de passe de tous les comptes ont \u00e9t\u00e9 r\u00e9initialis\u00e9s. Des mesures compl\u00e9mentaires ont \u00e9t\u00e9 appliqu\u00e9es au portail pour renforcer sa s\u00e9curit\u00e9. Tous les tickets de support et les \u00e9changes de donn\u00e9es li\u00e9s aux comptes concern\u00e9s ont \u00e9t\u00e9 analys\u00e9s et les r\u00e9sultats ont \u00e9t\u00e9 communiqu\u00e9s aux clients. En parall\u00e8le, nous avons \u00e9galement appliqu\u00e9 des mesures pr\u00e9ventives similaires au portail Stormshield Institute, utilis\u00e9 pour la gestion de nos formations certifiantes.<\/p>\n

La suite des investigations, dans le cadre de cet incident, a r\u00e9v\u00e9l\u00e9 la fuite de certains \u00e9l\u00e9ments du code source des produits SNS (Stormshield Network Security), ce qui a \u00e9galement \u00e9t\u00e9 communiqu\u00e9 \u00e0 nos clients. Les analyses approfondies r\u00e9alis\u00e9es avec le soutien des autorit\u00e9s comp\u00e9tentes n\u2019ont pas identifi\u00e9 de trace de modification ill\u00e9gitime de ces sources, ni de compromission de produits Stormshield en fonctionnement, \u00e0 ce jour.<\/p>\n

Nos \u00e9quipes sont mobilis\u00e9es pour assurer la meilleure s\u00e9curit\u00e9 des infrastructures de nos clients. Ainsi, par mesure de pr\u00e9caution suppl\u00e9mentaire, nous avons anticip\u00e9 le remplacement du certificat qui permet de signer et d\u2019assurer l\u2019int\u00e9grit\u00e9 des mises \u00e0 jour des produits SNS. De nouvelles mises \u00e0 jour ont \u00e9t\u00e9 mises \u00e0 disposition des clients et partenaires pour que leurs produits puissent fonctionner avec ce nouveau certificat. Nos \u00e9quipes techniques sont \u00e9galement \u00e0 la disposition de tous les propri\u00e9taires de compte sur les portails MyStormshield et Stormshield Institute pour obtenir des informations les concernant sp\u00e9cifiquement.<\/p>\n

L\u2019ensemble des activit\u00e9s et moyens techniques au service de nos clients et de nos partenaires sont toujours pleinement op\u00e9rationnels. Aucune d\u00e9faillance des solutions Stormshield n\u2019a \u00e9t\u00e9 identifi\u00e9e lors des investigations.<\/p>\n

Les entreprises qui, comme Stormshield, fournissent des solutions de protection contre l\u2019explosion des cyber-menaces, semblent \u00eatre une nouvelle cible pour des attaquants tr\u00e8s bien organis\u00e9s et exp\u00e9riment\u00e9s. Nous continuerons d\u2019apporter de la visibilit\u00e9 sur cet incident, en fonction des \u00e9l\u00e9ments que nous pourrons communiquer.
\n<\/strong><\/p>\n

 <\/p>\n

Mise \u00e0 jour - avril 2021<\/h2>\n

Suite \u00e0 l\u2019incident de s\u00e9curit\u00e9 dont Stormshield avait fait l\u2019objet, l\u2019ensemble des analyses et v\u00e9rifications techniques r\u00e9alis\u00e9es sur nos environnements, depuis plusieurs semaines, est maintenant termin\u00e9e.<\/p>\n

Ces investigations, men\u00e9es conjointement avec les autorit\u00e9s comp\u00e9tentes, n'ont pas mis en \u00e9vidence d'autres actions malveillantes que celles communiqu\u00e9es le 4 f\u00e9vrier 2021, notamment concernant l\u2019int\u00e9grit\u00e9 du code source des produits Stormshield Network Security (SNS).<\/p>\n

De ce fait, l\u2019ANSSI a lev\u00e9, le vendredi 2 avril 2021, la mise sous observation des qualifications et agr\u00e9ments des produits SNS<\/a>. Les qualifications retrouvent ainsi le niveau de recommandation qu\u2019elles avaient avant la d\u00e9tection de l\u2019incident et garantissent la confiance renouvel\u00e9e par l\u2019ANSSI dans nos technologies.[\/vc_column_text][\/vc_column][\/vc_row][vc_row css_animation=\"\" row_type=\"row\" use_row_as_full_screen_section=\"no\" type=\"full_width\" angled_section=\"no\" text_align=\"left\" background_image_as_pattern=\"without_pattern\"][vc_column][vc_empty_space][\/vc_column][\/vc_row]<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"

[vc_row css_animation=\u00a0\u00bb\u00a0\u00bb row_type=\u00a0\u00bbrow\u00a0\u00bb use_row_as_full_screen_section=\u00a0\u00bbno\u00a0\u00bb type=\u00a0\u00bbfull_width\u00a0\u00bb angled_section=\u00a0\u00bbno\u00a0\u00bb text_align=\u00a0\u00bbleft\u00a0\u00bb background_image_as_pattern=\u00a0\u00bbwithout_pattern\u00a0\u00bb][vc_column][vc_column_text]Le 04 d\u00e9cembre 2020, les \u00e9quipes Stormshield ont d\u00e9tect\u00e9 un incident de s\u00e9curit\u00e9 qui a entrain\u00e9 un acc\u00e8s non autoris\u00e9 \u00e0 un portail technique, utilis\u00e9 notamment par nos clients et partenaires pour la gestion des tickets de support…<\/p>\n","protected":false},"author":31,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-267030","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"\nIncident de s\u00e9curit\u00e9 concernant un portail technique de Stormshield - Stormshield<\/title>\n<meta name=\"robots\" content=\"noindex, nofollow\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Incident de s\u00e9curit\u00e9 concernant un portail technique de Stormshield - Stormshield\" \/>\n<meta property=\"og:description\" content=\"[vc_row css_animation="" row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern"][vc_column][vc_column_text]Le 04 d\u00e9cembre 2020, les \u00e9quipes Stormshield ont d\u00e9tect\u00e9 un incident de s\u00e9curit\u00e9 qui a entrain\u00e9 un acc\u00e8s non autoris\u00e9 \u00e0 un portail technique, utilis\u00e9 notamment par nos clients et partenaires pour la gestion des tickets de support...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.stormshield.com\/fr\/incident-de-securite-stormshield\/\" \/>\n<meta property=\"og:site_name\" content=\"Stormshield\" \/>\n<meta property=\"article:modified_time\" content=\"2022-02-24T08:16:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.stormshield.com\/wp-content\/uploads\/stormshield_logo.png\" \/>\n\t<meta property=\"og:image:width\" content=\"204\" \/>\n\t<meta property=\"og:image:height\" content=\"94\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@Stormshield\" \/>\n<meta name=\"twitter:label1\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.stormshield.com\\\/fr\\\/incident-de-securite-stormshield\\\/\",\"url\":\"https:\\\/\\\/www.stormshield.com\\\/fr\\\/incident-de-securite-stormshield\\\/\",\"name\":\"Incident de s\u00e9curit\u00e9 concernant un portail technique de Stormshield - Stormshield\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.stormshield.com\\\/fr\\\/#website\"},\"datePublished\":\"2020-12-11T07:46:22+00:00\",\"dateModified\":\"2022-02-24T08:16:42+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.stormshield.com\\\/fr\\\/incident-de-securite-stormshield\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.stormshield.com\\\/fr\\\/incident-de-securite-stormshield\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.stormshield.com\\\/fr\\\/incident-de-securite-stormshield\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.stormshield.com\\\/fr\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Incident de s\u00e9curit\u00e9 concernant un portail technique de Stormshield\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.stormshield.com\\\/fr\\\/#website\",\"url\":\"https:\\\/\\\/www.stormshield.com\\\/fr\\\/\",\"name\":\"Stormshield\",\"description\":\"Stormshield\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.stormshield.com\\\/fr\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Incident de s\u00e9curit\u00e9 concernant un portail technique de Stormshield - Stormshield","robots":{"index":"noindex","follow":"nofollow"},"og_locale":"fr_FR","og_type":"article","og_title":"Incident de s\u00e9curit\u00e9 concernant un portail technique de Stormshield - Stormshield","og_description":"[vc_row css_animation=\"\" row_type=\"row\" use_row_as_full_screen_section=\"no\" type=\"full_width\" angled_section=\"no\" text_align=\"left\" background_image_as_pattern=\"without_pattern\"][vc_column][vc_column_text]Le 04 d\u00e9cembre 2020, les \u00e9quipes Stormshield ont d\u00e9tect\u00e9 un incident de s\u00e9curit\u00e9 qui a entrain\u00e9 un acc\u00e8s non autoris\u00e9 \u00e0 un portail technique, utilis\u00e9 notamment par nos clients et partenaires pour la gestion des tickets de support...","og_url":"https:\/\/www.stormshield.com\/fr\/incident-de-securite-stormshield\/","og_site_name":"Stormshield","article_modified_time":"2022-02-24T08:16:42+00:00","og_image":[{"width":204,"height":94,"url":"https:\/\/www.stormshield.com\/wp-content\/uploads\/stormshield_logo.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_site":"@Stormshield","twitter_misc":{"Dur\u00e9e de lecture estim\u00e9e":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.stormshield.com\/fr\/incident-de-securite-stormshield\/","url":"https:\/\/www.stormshield.com\/fr\/incident-de-securite-stormshield\/","name":"Incident de s\u00e9curit\u00e9 concernant un portail technique de Stormshield - Stormshield","isPartOf":{"@id":"https:\/\/www.stormshield.com\/fr\/#website"},"datePublished":"2020-12-11T07:46:22+00:00","dateModified":"2022-02-24T08:16:42+00:00","breadcrumb":{"@id":"https:\/\/www.stormshield.com\/fr\/incident-de-securite-stormshield\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.stormshield.com\/fr\/incident-de-securite-stormshield\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.stormshield.com\/fr\/incident-de-securite-stormshield\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.stormshield.com\/fr\/"},{"@type":"ListItem","position":2,"name":"Incident de s\u00e9curit\u00e9 concernant un portail technique de Stormshield"}]},{"@type":"WebSite","@id":"https:\/\/www.stormshield.com\/fr\/#website","url":"https:\/\/www.stormshield.com\/fr\/","name":"Stormshield","description":"Stormshield","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.stormshield.com\/fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"}]}},"_links":{"self":[{"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/pages\/267030","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/comments?post=267030"}],"version-history":[{"count":4,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/pages\/267030\/revisions"}],"predecessor-version":[{"id":267034,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/pages\/267030\/revisions\/267034"}],"wp:attachment":[{"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/media?parent=267030"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}