French Presential Election Hacked by Russians
France’s recent presidential election has had many parallels to the United States 2017 presidential election, including an email hack of its own. Then candidate Emmanuel Macron had his personal email servers hacked, as well as other members of his staff and party. Some nine gigabytes of information were stolen and hosted on file sharing websites. Interestingly publishing any French media outlet that wanted to publish the emails would have faced federal charges, as it would have been seen as influencing the election. This would be due to the hack occurring two days before the actual vote, during that time France has a media blackout of sorts in place about the election.
The National Security Agency (NSA) Director Michael Rogers stated that while there wasn’t enough evidence to directly tie Russia to the hack, there was enough to implicate them in it. The NSA had previously warned French officials about the possibility of a cyber-attack during the election. French officials have yet to lay responsibility for the attack at anyone’s feet.
Independent cyber-security firms have made note of the different methods that have been used to gain access to the email servers. Trend Micro found that Russian groups use a phishing domain to gain access to Microsoft storage services. Trend Micro found files in Cyrillic, including the metadata which would at least point to a program set to Russian language usage. One of the files included the name “Roshka Georgiy Petrovich” which is a known contractor for the Russian intelligence contractor Eureka.
The NSA Director stated that a “strategy of deterrence” will be needed to stop Russian actors from influencing other nation-states. Director Rogers feels that countries need to retaliate and make it clear that any sort of outside interference will be met with retribution. Peter Singer, a strategist at the New America Foundation, feels that the Obama administration’s ejection of Russian diplomats wasn’t going far enough. Singer feels these “influence attacks” should be met with similar attacks against Russia’s leader Vladimir Putin. US cyberattacks should be used to expose the vast personal wealth Putin has obtained, or to reveal other weaknesses in the ruling oligarchy.
Jim Lewis, a cybersecurity and foreign policy analyst at the Center for Strategic and International Studies, agrees with Mr. Singer. He claims that Russian officials react strongly to any data leak that exposes corruption in their government. He feels that releasing data and reports that do so in response to Russian influence attacks would be an effective deterrent. Both Mr. Singer and Mr. Lewis feel that the sanctions levelled by the US need to be applied at an international level. While cyberattacks from Russia have lessened against the US in the wake of increased sanctions, they have risen against our allies in the EU and NATO. Without sanctions coming from those two bodies, Russian hackers will simply shift the focus of their attacks somewhere else.
The NSA has also warned the British and German governments about possible interference in their upcoming elections. Russian hackers have successfully targeted and stolen data from the current German Prime Minister Angela Merkel and her parliament.
Max is a Data Privacy Coordinator at a major global law firm and a science fiction author residing in the Philadelphia area. He has been writing for https://www.askcybersecurity.com since early 2017.