View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 20, 2012

France accuses US of Flame malware attack on government computers

PCs belonging to Nicolas Sarkozy's team were hacked

By Steve Evans

Computers belonging to former France president Nicolas Sarkozy were hacked during this year’s unsuccessful re-election campaign, it has been alleged, and the finger has been pointed at US authorities.

According to French magazine L’Express, the hackers were using the notorious Flame malware, thought to have been jointly developed by US and Israeli authorities.

The report states that French officials specialising in the cyberwar field claimed computers belonging to several Sarkozy team members were accessed in May of 2012, a few days before the second round of the French presidential elections. A computer belonging to Xavier Musca, Sarkozy’s secretary general, was targeted. Sarkozy was not a targeted however, as he did not own a PC.

The hackers managed to access some information, much of it sensitive, but no "strategic plans" were taken, the report stated.

It seems that the hackers used social engineering to launch their attack. According to the report they targeted Élysée Palace workers and friended them on Facebook. They then sent the workers a link to a fake intranet log-in site, where their usernames and passwords were stolen.

Once French authorities became aware of the intrusion it took them several days to restore the network. Tracking the malware was tough as the hackers had hidden their location by sending information through servers hosted across the world.

However French investigators have claimed that the malware uses many of the same features of the Flame malware, which targeted countries across the Middle East.

Content from our partners
Five key challenges facing the fashion industry
<strong>How to get the best of both worlds in the hybrid cloud</strong>
The key to good corporate cybersecurity is defence in depth

According to L’Express, Janet Napolitano, Secretary of Homeland Security, refused to confirm or deny US involvement in the attack, and said that the US "has no more important partner than France."

She also denied the Flame virus was anything to do with the United States government, even though the Washington Post has claimed sources within the administration have confirmed it was a joint effort between US and Israeli authorities.

"My job is to protect civilian networks with all the technology we have," Napolitano is reported to have said. "We seek to ensure a high level of safety, the highest possible. To do this, our budget in cyberspace has increased by 40% last year and the recommendation of the President for the coming year is for a 75% increase. This is a major effort in the current context and demonstrates that we are mobilised on this issue. Barack Obama understood the importance of the topic and the need to make investments today. We can not wait."

If these allegations prove to be true it will be the first publicly recorded incident of one major Western nation using cyber warfare against another. Previously the likes Flame and Stuxnet had been used against targets in the Middle East, particularly Iran’s nuclear facilities.

The report claims that contracts signed by Sarkozy’s government with Middle East countries could be at the heart of the attack, with US officials eager to find out more information about the deals.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.