France Faces Cyber Attacks by Groups That Attacked U.S. Campaignby
Watchdog warns of ‘political destabilization’ before elections
Cyber watchdog held briefing with presidential campaign teams
Groups that hacked the U.S. Democratic National Committee are active in France, the country’s cyber-security watchdog said, urging political parties to put up defenses ahead of next year’s presidential election.
“We continue to monitor and block attacks against French interests,” the watchdog’s chief, Guillaume Poupard, said in an e-mail to Bloomberg on Thursday. At a Paris press conference a day earlier, he said, “I can confirm that these groups are active and that, well... they’re not stopping at France’s borders,” pointing the finger at hackers that attacked the U.S. political class. Poupard didn’t implicate Russia when he talked about the groups.
The watchdog, called ANSSI, says it is fully mobilized to fight such attempts and is now taking into account possible “sabotage threats” similar to those in the U.S. on organizations including the DNC that roiled the presidential election there.
The watchdog briefed the country’s presidential candidates on hacking threats on Oct. 27, drawing lessons from the U.S. experience. All but the far-right National Front sent representatives. They included The Republicans’s candidates Alain Juppe, Francois Fillon and Nicolas Sarkozy, the Socialist Party and other groups in the National Assembly. The FN candidate Marine Le Pen is in second place in the presidential race behind The Republicans’s nominee Fillon.
For Poupard raising awareness and pushing political parties to enhance security is crucial to avoid “political destabilization.” He also cited the rise of cyber attacks aimed at “possibly influencing” public opinion, including using rankings in social media such as YouTube to put forward “manipulative” information. He called those risks “difficult to manage.”
“What happened in the U.S. illustrated the risk of destabilization,” he said during the press conference. “We see mechanisms to influence voters insidiously. That doesn’t give a candidate extra 20 percentage points, but if the vote is close to 50/50, it can tip the vote one way or the other. That is what may have happened in the U.S.,” he said.
Still France’s cyber-security watchdog is not an intelligence-gathering unit and says it won’t monitor or install sniffers to track cyber attacks on the country’s political parties.
“That’s their own responsibility,” he said adding, “we’ve warned them.” The ANSSI says the parties can reach out to certain cyber-security companies, vetted by the state, to protect and check their networks. The ANSSI discussed with political parties techniques involving protecting networks, identifying users, filtering Internet and e-mail traffic, encrypting communications and keeping work tools and private messaging separate.
France is seeking to prevent acts of subversion from affecting its presidential election which concludes in May. There are about a dozen candidates for the French presidency at this stage. The Socialist Party will elect its candidate in a January primary and the Republicans nominated Fillon in the November primary.
Some candidates have showed sympathy with Vladimir Putin and Russia’s policies in Syria, Ukraine and Crimea, including Le Pen and Fillon. Last week, U.S. President Barack Obama said intelligence he has seen gives him “great confidence” that Russians carried out the hack of the DNC and Hillary Clinton’s adviser John Podesta. President-elect Donald Trump has dismissed claims of Russian involvement.
The hacking groups active in France leave similar footprints as the ones that attacked U.S. political sites, Poupard said.
German lawmakers and party officials have also been the target of a group called APT28, which sent e-mails in August with links to spying software, according to German media reports citing the Federal Office for Information Security. A similar attack was launched on the servers of Germany’s lower house, or Bundestag.
Poupard also said recent cyber attacks, such as the November attack in Germany on 900,000 Deutsche Telekom routers, show certain groups “are preparing future actions.”
“We certainly see capabilities being put in place,” he said without giving further details.