Orange

Orange, a threat actor, has been implicated in several significant cybersecurity incidents. In August 2023, the group exploited a vulnerability (CVE-2023-50430 and CVE-2023-50429) in IzyBat Orange casiers, allowing SQL injection through getEnsemble.php ensemble. This incident highlighted the potential for serious data breaches and system compromise. Additionally, Orange Spain, the country's second-largest network provider, experienced substantial outages in January 2024 following the compromise of its account with RIPE, the regional internet registry used by Europe, the Middle East, and Central Asia. This breach was reportedly due to an Orange Spain employee being infected by the Raccoon infostealer malware in September 2023. In a separate event, a threat actor named “Ms_Snow_OwO” announced that they had gained access to a RIPE administrator account belonging to telecommunications provider Orange Spain. Despite these security breaches, Orange Spain stated that no customer data was compromised. The compromise of cellular carrier Orange Spain is one of the latest instances illustrating the threat posed by Orange and similar entities. The attack led to a significant internet outage affecting company customers, further emphasizing the operational risks associated with such cyber threats. The involvement of Orange in these incidents underscores the need for robust cybersecurity measures across industries. Various companies, including Microsoft Corp and French telecom firm Orange SA, have committed funding as part of a consortium aimed at tackling such threats. However, as per Dominic Trott, director of strategy and alliances at Orange Cyberdefense, criminalizing ransom payments could potentially shift the focus from perpetrators to victims, thereby triggering unintended consequences like reluctance to report breaches. As the cybersecurity landscape continues to evolve, it's crucial to stay vigilant against the activities of threat actors like Orange.