All united against China.
This week, several Western countries denounced cyberattacks that have targeted their public institutions in recent years.
In a rare and apparently concerted move, the United Kingdom, the United States and New Zealand directly targeted Beijing, with Washington even announcing that it had indicted seven Chinese for a “prolific global hacking operation”.
For its part, China rejected the accusations and said it had “strongly protested” to the parties concerned.
We take stock of what we know about these offensive maneuvers.
What are these types of attacks?
Cyberattacks generally take two forms.
First there is espionage, which involves stealing sensitive information.
But they can also be attempts at destabilization with the aim of causing a country to malfunction by cutting off water or electricity, for example.
“In both cases, the attackers preposition themselves in the infrastructures, that is to say they hack them but their objective is to be as discreet as possible and then trigger destabilizing attacks the day they have them. need,” explains Gérôme Billois, cybersecurity expert at Wavestone.
Who are the perpetrators of these attacks?
Many countries have developed great offensive qualities in terms of cyberattack.
In each of its countries, there are several groups of “attackers”.
Some are close to the state and are in the army or intelligence services.
They respond to government orders.
Other pirates act for independent mercenary groups, but they are paid to carry out these offensives.
Often, these are people convicted of cyberattacks who try to reduce their sentence by working for the state in question.
Finally, there are autonomous groups that are difficult to associate with governments but who nevertheless wish to defend their countries.
Also read Cybersecurity: “We will have a lot to learn from the cyber invasion in Ukraine”
So why target China in particular?
“There are many isolated pirates who have great skills, so we cannot be certain that the Chinese state is involved every time,” judges Gérôme Billois.
But in the past, China had already denied being behind certain offensives, even though technical analyzes clearly showed that these attacks came from actors close to the government.
»
This time, according to Washington, a group called APT31 is indeed at the origin of this “cyber espionage program” which would have been managed by the powerful Chinese Ministry of State Security from the city of Wuhan.
The hackers gained access to “email accounts, cloud storage accounts,
and
phone call recordings,” the US Department of Justice said.
In the majority of cases, however, it is difficult to obtain reliable proof of the origin of an attack in cyberspace because hackers hide their tracks.
The latter can, for example, pretend to be someone else, as Gérôme Billois reminds us.
“During the 2018 Pyeongchang Winter Olympics, there was an attack during the opening ceremony.
For a long time, the North Koreans were blamed because Russia, which was actually behind the attack, used tools from North Korea.
»
Is France also threatened?
France can be targeted by many attackers.
His government is also regularly targeted.
The number of attacks has been growing steadily for years because they prove very profitable for criminals.
However, France is among the most protected nations in this area.
“It has nothing to be ashamed of compared to other countries,” judges Gérôme Billois.
But on the other hand, it must persevere and continue its investments in defense, otherwise it will quickly be overwhelmed.
»
During the Paris Olympic Games, cybercriminals risk launching numerous frauds on French soil, particularly with regard to counterfeit tickets.
But Gérôme Billois focuses above all on the question of attacks “from a higher level, which could come from a State wishing to destabilize the Olympic Games.
» The latter first recalls that similar scenarios have already occurred in the past.
“Will any state try?”
Nobody has the answer.
However, it is certain that some will want to destabilize France,” he analyzes.
But for this expert, also author of the book “Cyber attack, the underside of a global threat”, the country is “aware of these threats.
An attack is never inevitable, but there are security programs that can be resisted in most cases.
»