The Louvre is going through recent scrutiny over its safety deficiencies after an £80 million heist because it was revealed that the password “Louvre” gave entry to the museum’s video surveillance.
Confidential paperwork seen by Liberation have revealed that the easy password was sufficient to entry the server answerable for video surveillance of the world well-known museum in 2014.
It was equally straightforward to achieve entry to the Louvre’s cybersecurity software program, offered by Thales, because the password was the identify of the aforementioned firm.
The information comes after £80 million value of France’s crown jewels had been stolen from the Louvre in a matter of minutes on 19 October by thieves sporting high-vis jackets and masks.
Four suspects within the Louvre heist had been arrested final week, together with three believed to be members of the workforce of 4 that had been filmed utilizing a cherry picker to succeed in the museum’s window. They face preliminary prices of theft by an organised gang and legal conspiracy. The jewels have nonetheless not been recovered, authorities stated.
A cybersecurity audit by the French National Cybersecurity Agency (ANSSI) examined the safety community in 2014, the place “the museum’s most critical protection and detection equipment is connected”, the French tabloid quoted the report. This included “access control, alarms, and video surveillance”.
“An attacker who manages to take control of it would be able to facilitate damage or even theft of artworks,” the report stated.
The purposes and methods deployed on the safety community contained quite a few vulnerabilities, in response to the company, who warned that the video surveillance system may simply be broken and modified. The company inspired the Louvre to create extra difficult passwords in an effort to forestall any future safety breaches.
French tradition minister Rachida Dati has acknowledged “security gaps” in the Louvre, as the investigation into the burglary of priceless crown jewels continues.
France’s national audit office said that recommended upgrades from a security audit undertaken a decade ago are not set to be completed until 2032, according to a report on Thursday, which was compiled before the heist last month.
Only 39 per cent of the museum’s rooms had cameras as of 2024, the report found. A security audit began in 2015 found the museum was not sufficiently monitored or prepared for a crisis, but this only led to a tender for security works at the end of last year.
“It will take a number of years to finish the undertaking, which, in response to the museum, will not be anticipated to be completed till 2032,” the report said.
It also highlighted excessive spending to buy artwork and post-pandemic relaunch projects, as well as missed revenues from inefficiencies and ticketing fraud, as contributing to the museum’s inability to fix its outdated infrastructure.
The auditor’s head, Pierre Moscovici, told journalists on Thursday that the robbery was a “deafening” alarm which solely reinforces a number of the concerns made within the report.
In written remarks printed by the audit workplace, Ms Dati stated she agreed on the urgency of the technical work and reiterated requires swift corrective measures.
Louvre director Laurence des Cars stated in the identical doc she supported a lot of the auditor’s suggestions however insisted the museum’s long-term transformation plan is important to deal with its structural challenges.
https://www.independent.co.uk/news/world/europe/louvre-security-password-museum-heist-burglary-b2859831.html