5 hours ago
5
France has accused Russian military intelligence of carrying out a massive cyber-attack on Emmanuel Macron’s first presidential campaign in 2017 as well as several other recent major hacks, including on a TV station and an organisation involved in the Paris Olympics.
The French foreign ministry said for the first time on Tuesday that it was Russian hackers who had targeted Macron’s campaign team in 2017, adding that other Russian targets had included French media and an organisation involved in the 2024 Olympics.
Hours before the 2017 French presidential election, thousands of internal campaign emails from Macron’s team and other documents – some said to be false – were released online after the midnight deadline to end campaigning.
“Thousands of documents were stolen and disseminated in the hope of manipulating voters, but the manoeuvre failed to have any real impact on the electoral process,” said a foreign ministry video, shared online by the foreign minister, Jean-Noël Barrot.
Macron won the 2017 election against the far-right candidate, Marine Le Pen.
The French foreign ministry also attributed other attacks to Russian military intelligence, including the 2015 hacking of the French public broadcast channel TV5Monde. It said Russian hackers, posing as Islamic State militants, targeted TV5Monde “to manipulate public opinion” and create panic in France.
Since 2021, a branch of Russian military intelligence (GRU) dedicated to cyber-attacks had targeted a dozen French entities including defence, financial and economic sectors, the foreign ministry said. It said the targets had included entities “working in the daily lives of French people and public services, private enterprises as well as a sport organisation involved in the 2024 Olympic and Paralympic Games”.
Barrot said that Russian military intelligence “has been carrying out cyber-attacks against France for several years using a method known as APT28.”
APT28, also known as Fancy Bear, has been accused of carrying out dozens of cyber-attacks around the world, including on the 2016 US election, where it was accused of aiding Donald Trump by leaking Democratic party emails and those of the campaign of Hillary Clinton.
A report by the French Cybersecurity agency (ANSSI) released on Tuesday said that since 2021, ATP28 “had been used to gather strategic intelligence from entities located in France, Europe, Ukraine and North America.”
The French foreign ministry said in a statement: “France condemns in the strongest terms the use by Russia’s military intelligence service of the APT28 attack group, at the origin of several cyber-attacks on French interests.”
The group targets personal email accounts to retrieve data and emails, or gain access to other machines on a system.
In September 2024 several international intelligence services, including German authorities, warned of the risk of cyber-attacks targeting Nato countries that Fancy Bear carried out.
The French foreign ministry said: “Alongside its partners, France is determined to use all the means at its disposal to anticipate Russia’s malicious behaviour in cyberspace, discourage it and respond to it where necessary.”
Agence France-Presse contributed to this report
