Russia allegedly mounts cyber assaults on France's defense, finance, and media industries, claims France.
France Blasts Russia Over Cyberattacks, Accuses GRU's APT28
On a fiery Tuesday, France lashed out at Russian military intelligence for alleged cyberattacks, reaching as far back as the 2017 presidential election of Emmanuel Macron and the Paris Olympics. The bombshell accusations were put forth by French Foreign Minister Jean-Noel Barrot, directly addressing the UN Security Council in the presence of Russia's envoy.
Barrot pointed the finger at a notorious branch of the GRU military intelligence: APT28, also recognized globally as Fancy Bear. This group has been linked to a series of cyberattacks, most notably the 2016 US election, where Democratic candidate Hillary Clinton's emails were leaked.
As per France's foreign ministry, since 2021, APT28 has been relentless in its attacks on a dozen French entities, targeting sectors crucial to the nation's defense, finance, and economy. Barrot made a clear connection between the renewed APT28 assaults and France's ongoing support for Ukraine since the 2022 Russian invasion.
During a Security Council debate on Ukraine, Barrot boldly stated, "We condemn these cyberattacks in the strongest possible terms." He stressed that such activities are unbefitting of a permanent Security Council member and were contrary to the United Nations' set standards, urging an immediate cease in the attacks.
A Cyber-Underground War
Russia's UN envoy chose to remain silent on the French allegations, instead focusing on Russia's stance in Ukraine. The elusive APT28 group is infamous for targeting personal email accounts to retrieve data and messages, or to gain access to other system networks.
In the past, APT28 has orchestrated massive hacking operations designed to sow doubt and manipulate public opinion, as witnessed in the 2017 presidential election in France. During the campaign, APT28 was instrumental in a hack targeting Macron's run for presidency, resulting in the leak of thousands of sensitive documents right before the vote. Despite the efforts to sway public opinion, the manipulation failed to significantly impact the election's outcome, with Macron securing an easy win against far-right veteran Marine Le Pen.
Media organizations have also found themselves in APT28's crosshairs. For instance, in 2015, the group hacked the French TV5 Monde channel, aiming to manipulate public opinion and create panic in France, posing as Islamic State militants. France has been no stranger to Islamist attacks, notably in 2015 at the Bataclan concert hall in Paris.
APT28: A Global Threat
Security agencies from several countries, including Germany, have previously warned of the numerous cyberattacks spearheaded by Fancy Bear. APT28 has been active since at least 2004 or 2007, targeting government, military, energy, and media organizations in Europe and the US. In 2024, they were connected to cyberattacks on 60 organizations in Asia and Europe, focusing their efforts on Operational Technology (OT) organizations 1.
France's accusations underline a worrying trend of increased digital aggression linked to geopolitical conflicts. It signifies a significant shift in attribution and response—particularly considering France's role in supporting Ukraine against Russian aggression 4.
In essence, APT28 represents a formidable and far-reaching threat, targeting strategic international entities and contributing to a broader geopolitical confrontation between Russia and its adversaries in Europe.
(FRANCE 24 with AFP)
- The French Foreign Minister, Jean-Noel Barrot, recently conducted an analysis of APT28's activities, linking them to several cyberattacks on French entities since 2021.
- Barrot's opinion on Russia's GRU military intelligence, represented by APT28, was vocalized during a UN Security Council debate, where he deemed their cyberattacks unbecoming of a permanent council member.
- The finance and economy sectors of France have been targeted by APT28, which has been relentless in its attacks on a dozen French entities since 2021.
- APT28's terrorism-like cyberattacks, such as the hack on the French TV5 Monde channel in 2015, aim to manipulate public opinion and sow doubt, as witnessed in the 2017 French presidential election.
- The global community, including Germany, has previously warned of the cybersecurity threats posed by APT28, a notorious group known as Fancy Bear, which has been active since at least 2004.
- The ongoing tensions between Russia and its adversaries in Europe, such as France, are now being reflected in the politics and technology sphere, with APT28 representing a significant threat to strategic international entities.
