French Security Chief Warns of Permanent Cyber War

France's cyber security chief has warned of the risk of "permanent war" in cyberspace as a result of hacking for espionage and fraud purposes by states and criminals.

Guillaume Poupard said of cyber attacks that "in terms of effects and impact, we are clearly getting closer to a state of war". The director general of the government cyber defence agency known in France by its acronym, ANSSI, lamented a lack of commonly agreed rules to govern cyberspace and said nations "must work collectively, not just with two or three Western countries, but on a global scale".

Mr Poupard also said there is no evidence that a notorious Russian hacking group was behind the cyber-attack on President Emmanuel Macron's election campaign. 

The Macron campaign hack "was so generic and simple that it could have been practically anyone", he said. 
He said they found no trace that the Russian hacking group known as APT28, blamed for other attacks including the one which hit the US presidential campaign, was responsible.

Its experts were immediately dispatched when documents stolen from the Macron campaign leaked online on May 5 in the closing hours of the presidential race.

Mr Poupard said the attack's simplicity "means that we can imagine that it was a person who did this alone. They could be in any country". Mr Poupard added: "With what we see today, attacks that are criminal, from states, often for espionage or fraud but also more and more for sabotage or destruction, we are getting closer, clearly, to a state of war, a state of war that could be more complicated, probably, than those we've known until now." 

His comments echoed testimony from the head of the US National Security Agency, Admiral Michael Rogers, to the US Senate armed services committee on May 9.

Admiral Rogers spoke of "cyber effects" being used by states "to maintain the initiative just short of war",
He said: "Cyber war is not some future concept or cinematic spectacle - it is real, and here to stay."

Mr Poupard said "the most nightmare scenario, the point of view that Rogers expressed and which I share" would be "a sort of permanent war, between states, between states and other organisations, which can be criminal and terrorist organisations, where everyone will attack each other, without really knowing who did what; a sort of generalised chaos that could affect all of cyberspace". 

Contrary to Admiral Rogers, who said the US had warned France of "Russian activity" before Mr Macron's win, Mr Poupard did not point the finger at Russia. 

APT28 has been identified by the US government as a Russian intelligence outfit and blamed for hacks of the US election campaign, as well as anti-doping agencies and other targets. The group also is known by other names, including Fancy Bear.

Ein News:

You Might Also Read:

Hackers Came, But the French Were Prepared:

France Launches a Cyber Warfare Division:

Meet The Fancy Bears:

 

« UK’s Trident Nuclear Subs Vulnerability To Hackers
Putin Applauds Patriotic Russian Hackers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

RSA Security

RSA Security

RSA provide cybersecurity products for Threat Detection and Response, Identity and Access Management, Governance, Risk and Compliance, and Fraud Prevention.

Veeam

Veeam

Veeam is the leader in intelligent data management for the Hyper-Available Enterprise.

Hiscox

Hiscox

Hiscox offers cyber and data risks insurance to protect your business against the risks of holding data and using computer systems..

Backup Systems

Backup Systems

Backup Systems is a leading backup and disaster recovery systems provider across the UK.

Direct Recruiters Inc

Direct Recruiters Inc

Direct Recruiters is a relationship-focused search firm that assists IT Security and Cybersecurity companies with recruiting high-impact talent.

AEI Cybersecurity

AEI Cybersecurity

AEI brings together companies, Research Centres, Universities, and other organizations interested in promoting new cybersecurity technologies.

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center is a not-for-profit organization focused on regional cybersecurity excellence and readiness, with a special emphasis on the maritime community.

Kivu Consulting

Kivu Consulting

Kivu Consulting combines technical and legal expertise to deliver data breach response, investigative, discovery and forensic solutions worldwide.

Commonwealth Cybercrime Initiative (CCI)

Commonwealth Cybercrime Initiative (CCI)

The CCI unites 35 international organisations contributing to multidisciplinary programmes in Commonwealth countries. These organisations form the CCI Consortium.

Perseus Cyber Security

Perseus Cyber Security

Perseus provides all-around digital protection for small and medium-sized businesses through state-of-the-art software solutions, flexible online training and emergency response.

DCX Technology

DCX Technology

Recognized as a leader in security services, DXC Technology help clients prevent potential attack pathways, reduce cyber risk and improve threat detection and incident response.

Aujus Cybersecurity

Aujus Cybersecurity

Aujas is a pure-play cyber security services company with deep expertise in Identity and Access Management, Managed Security and Security Testing services.

DMARC360

DMARC360

DMARC360 analyzes your email traffic patterns and sources, rapidly deploys email authentication protocols and monitors your email domains with automated recommendations and incident response.

Cybersecurity Center for Secure Evolvable Energy Delivery Systems (SEEDS)

Cybersecurity Center for Secure Evolvable Energy Delivery Systems (SEEDS)

SEEDS conducts research and develops innovative cybersecurity technologies, tools, and methodologies that advance the energy sector’s ability to survive cyber incidents.

Kiteworks

Kiteworks

Kiteworks (formerly Accellion) creates a dedicated Private Content Network that ensures zero-trust private content protection and compliance.

Cloud & More

Cloud & More

Tired of impersonal IT support? Experience the Cloud & More difference. We offer tailored IT services with a personal touch, ensuring your business technology runs smoothly.