logo Crisis Solutions

Crisis Solutions

+44(0) 207 965 7319CONTACT US

Hack attack? The French fight back

Worried your company could face digital disruption, that hackers might come calling? Here’s proof you can fight back.

Hacking political campaigns is starting to become almost routine. The Democratic party in the US were subject to the delicate attentions of Russian hackers and the fallout from that, with the sacking of FBI director James Comey, is still playing out.

So, it was hardly a surprise when cyber-attackers locked on to the French presidential campaign of Emmanuel Macron; particularly as he had in the past accused Russia and its state-owned media of interfering with the French presidential race. Immediate suspicion fell on the Kremlin, which denied any involvement.

When the hackers struck, sending out phishing emails, the Macron team was ready. They had set up false email accounts with phony documents to wrong foot their opponents.

Phishing emails

The phishing mails were “high quality” according Macron’s digital director, Mounir Mahjoubi and included real campaign staff names. His plan was to do what we are all told not to do and that was to respond to the sham emails and plant hoax information.

In an interview with the Daily Beast Mahjoubi said: “You can flood these [phishing] addresses with multiple passwords and log-ins, true ones, false ones, so the people behind them use up a lot of time trying to figure them out.”

“We went on a counteroffensive,” Mr. Mahjoubi said. “We couldn’t guarantee 100 percent protection” from the attacks, “so we asked, what can we do?” He decided on a so-called “cyber-blurring” strategy.

“We created false accounts, with false content, as traps. We did this massively, to create the obligation for them to verify, to determine whether it was a real account. I don’t think we prevented them. We just slowed them down.”

Crunch point

The crunch point came just before the final round of voting when thousands of documents relating to the Macron campaign were dumped on line. The files contained contracts, accounts and emails, some of which were authentic but some were documents created by the hackers together with the bogus documents concocted by the Macron team.

The mix of the phoney, the bogus and the downright dull meant that this leak seemed to have little impact on the election.

Of course, if there had been a smoking gun, some destabilising revelation about the Macron campaign, then the outcome might have been very different.

This French experience proves two things; you can fight back against the bad guys and in future people may not believe that every leaked document which finds its way on to cyber-space is authentic, believable or even worthy of attention.