Sacré bleu! Skilled hackers used poisoned e-mails to break into 150 PCs at the French finance ministry and steal “numerous” sensitive documents over the past three months, Budget Minister François Baroin admitted Monday.
The hackers used a Trojan horse attached to e-mails to open a “backdoor” into infected PCs, which then allowed full access to the network of the Ministry of Economy and Finances. The website of Paris Match magazine broke the story Monday morning.
Baroin confirmed the break-in later Monday in a radio interview, but refused to provide details, saying only that the attack was “spectacular.”
Click here to watch French Budget Minister François Baroin interviewed on Europe1 (in French).
“This was done by determined and organized professionals,” Patrick Pailloux, director-general of ANSSI, the French information-security agency, told Paris Match. “It’s the first attack of this breadth and scale against the French state.”
Baroin confirmed that the targeted PCs belonged to ministry employees who work on the G20, a semi-formal group of finance ministers and central banks from 19 leading countries plus the European Union.
France took over the rotating presidency of the G20 in November. The attacks began in December and continued right up until Friday (March 4).
“Numerous” documents related to the French treasury and the G20 were taken, according to a highly placed but anonymous official.
“Some of the data was redirected to Chinese sites,” the official told Paris Match. “But that doesn’t mean much.”
Because even moderately skilled hackers know how to cover their tracks, the French attacks could have come from anywhere.
Chinese hackers working for or with the Beijing government have been suspected of several large-scale network intrusions over the past few years against hundreds of Western targets, including large energy companies (“ Night Dragon ”), American technology, defense and financial corporations (“ Operation Aurora ”) and the 2008 presidential campaigns of Sen. John McCain and President Barack Obama.
- Security and Privacy Software Reviews
- Cybergate: Leaked E-mails Hint at Corporate Hacking Conspiracy
- What Obama and Congress Should Do for Cybersecurity