Sign up for our newsletter
Technology / Cybersecurity

France accuses US of Flame malware attack on government computers

Computers belonging to former France president Nicolas Sarkozy were hacked during this year’s unsuccessful re-election campaign, it has been alleged, and the finger has been pointed at US authorities.

According to French magazine L’Express, the hackers were using the notorious Flame malware, thought to have been jointly developed by US and Israeli authorities.

The report states that French officials specialising in the cyberwar field claimed computers belonging to several Sarkozy team members were accessed in May of 2012, a few days before the second round of the French presidential elections. A computer belonging to Xavier Musca, Sarkozy’s secretary general, was targeted. Sarkozy was not a targeted however, as he did not own a PC.

The hackers managed to access some information, much of it sensitive, but no "strategic plans" were taken, the report stated.

White papers from our partners

It seems that the hackers used social engineering to launch their attack. According to the report they targeted Élysée Palace workers and friended them on Facebook. They then sent the workers a link to a fake intranet log-in site, where their usernames and passwords were stolen.

Once French authorities became aware of the intrusion it took them several days to restore the network. Tracking the malware was tough as the hackers had hidden their location by sending information through servers hosted across the world.

However French investigators have claimed that the malware uses many of the same features of the Flame malware, which targeted countries across the Middle East.

According to L’Express, Janet Napolitano, Secretary of Homeland Security, refused to confirm or deny US involvement in the attack, and said that the US "has no more important partner than France."

She also denied the Flame virus was anything to do with the United States government, even though the Washington Post has claimed sources within the administration have confirmed it was a joint effort between US and Israeli authorities.

"My job is to protect civilian networks with all the technology we have," Napolitano is reported to have said. "We seek to ensure a high level of safety, the highest possible. To do this, our budget in cyberspace has increased by 40% last year and the recommendation of the President for the coming year is for a 75% increase. This is a major effort in the current context and demonstrates that we are mobilised on this issue. Barack Obama understood the importance of the topic and the need to make investments today. We can not wait."

If these allegations prove to be true it will be the first publicly recorded incident of one major Western nation using cyber warfare against another. Previously the likes Flame and Stuxnet had been used against targets in the Middle East, particularly Iran’s nuclear facilities.

The report claims that contracts signed by Sarkozy’s government with Middle East countries could be at the heart of the attack, with US officials eager to find out more information about the deals.
This article is from the CBROnline archive: some formatting and images may not be present.