Alarmed by allegations of Russian meddling in the 2016 US presidential race, French authorities have warned political parties against the threat of cyber attacks as the country prepares to elect a new president in May.
A US president-elect who may be compromised by a foreign power. A presidential election marred by cyber attacks, leaks and interference. An incoming head of state in open disagreement with his intelligence agencies.
Donald Trump’s tumultuous transition to power in the United States is everything French authorities hope to avoid ahead of the country’s own presidential elections in May. With five months to go, the National Agency for the Security of Information Systems (L’Agence nationale de la sécurité des systèmes d’information or ANSSI) has been forced to learn some valuable lessons from the United States.
“We help [identify] attack methods that are already being used in industrial espionage. It’s even easier to obtain organisational charts or the identities of officials and their underlings from political parties – there’s much more of a pronounced human-communication component. Political parties also organise more public events, where they might fall victim to mobile phone or computer theft,”
said Cyrille Barthélémy, CEO of the French cyber security company Intrinsec.
The devastating attack on the Democratic National Committee (DNC) in the United States began with a massive phishing campaign – a technique that allows hackers to steal personal data by sending fraudulent emails purporting to be from trustworthy sources. After opening the email, victims are often directed to a fake log-in page, where they are asked to enter their usernames and passwords.
This information can then be used to identify people close to the victim, steal his or her identity, or access the holy grail of hacking: an official’s personal email account. The goal is to reach as far as possible into the victim’s life in order to find information that can be used to compromise him or her. The email accounts of campaign staff might also be targeted for website log-in information, or username and passwords to accounts on social media such as Twitter and Facebook.
“We’re clearly not up against people who are throwing punches just to see what happens. There’s a real strategy that includes cyber [attacks], interference and leaked information… These are people whom we’re obviously following closely. Even if we can’t be sure that they’re the same, they’re attackers who regularly come knocking on our ministers’ doors,” ANSSI Director Guillaume Poupard told FRANCE 24.