"Spectacular" Cyber Attack Gains Access to France's G20 Files

International news media are reporting today of a successful cyber attack by unknown parties against the French Government that occurred late last year. The incident was first reported by the magazine Paris Match yesterday, which the French government later confirmed.

According to this article in the Financial Times of London, the attack targeted "sensitive information relating to France's presidency of the Group of 20 industrialised nations."

The FT article quotes François Baroin, Budget Minister, as saying the attack had been "spectacular", while this article at the Wall Street Journal states that computer security on 12,000 of the 170,000 workstations used by the French Finance Ministry was increased this past weekend in wake of the attack.

Patrick Pailloux, head of L'Agence nationale de la sécurité des systèmes d'information (National Agency for Information Systems Security) was also quoted by the FT as saying the cyber attack was:

"... pure espionage ... one of the most important attacks, if not the most important, ever to target the public administration."

The attacks apparently began in December of last year, but weren't detected until January of this year. By the time the attacks were detected, at least 150 workstations at the Finance Ministry had been successfully penetrated.

Attempts to gain access to the computers located in the office of French President Nicolas Sarkozy, Prime Minister François Fillon, and the Minister of State failed, however.

The FT states that the workstations were penetrated via a Trojan Horse concealed in a PDF file attached to an email that supposedly came from a known source. The WSJ article says that the malware was detected when an employee at the Finance Ministry noticed an email had been sent to them from someone in the ministry who said they hadn't sent it.

Speculation is that the French Government believes the attack came from China, but is hesitant to say so for fear of losing China's support of France's G20 initiatives.

A few weeks ago, I blogged about Canada's Treasury Board and Department of Finance being hacked. Suspicion fell on China, which the Chinese government strongly denied.

Related Stories

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributor
Willie D. Jones
 

Newsletter Sign Up

Sign up for the ComputerWise newsletter and get biweekly news and analysis on software, systems, and IT delivered directly to your inbox.

Advertisement
Advertisement