CybersecurityParis G20 files stolen in cyber attack

Published 18 March 2011

The French government recently confirmed that hackers have stolen sensitive files from the February G20 summit in Paris; in targeted attacks aimed at stealing specific files, more than 150 of the French Budget Ministry’s 170,000 computers were affected; officials say this was the first attack of this size and scale against the French government; circumstantial evidence points to China, but there is no clear indication to suggest the attacks were government sponsored; the most recent attack against the French government is the latest in a string of cyber attacks on companies and governments around the world with evidence pointing to China

Hackers penetrated French security // Source: euronews.net

The French government recently confirmed that hackers have stolen sensitive files from the February G20 summit in Paris.

In targeted attacks aimed at stealing specific files, more than 150 of the French Budget Ministry’s 170,000 computers were affected.

According to Patrick Pailloux, the director general of the French National Agency for IT Security, the data was stolen by “a number of professional, determined and persistent hackers.”

Pailloux noted that this was “the first attack of this size and scale against the French state” and confirmed that hackers had taken sensitive documents.

Francois Baroin, the budget minister, added, “We have leads.”

Paris Match magazine initially broke the story suggesting that a sustained intrusion had stolen files related to the G20 and other international financial affairs.

The magazine quoted an anonymous French official saying, “We noted that a certain amount of the information was redirected to Chinese sites. But that [in itself] does not say very much.”

During the summit, in an effort to head off further financial crises, world leaders had agreed on a list of targeted countries that needed to reduce trade imbalances.

The negotiations were often tense as China opposed plans to target exchange rate valuations, currency reserves, and economic surpluses.

According to French Finance Minister Christine Lagarde, “The negotiations were frank, sometimes tense.”

Many of China’s trading partners, in particular the United States, have accused China of artificially undervaluing its currency by buying up trillions of dollars in foreign reserves to gain an unfair competitive advantage.

Cyber attacks are nearly impossible to attribute, but the most recent attack against the French government is the latest in a string of attacks on companies and governments around the world with evidence pointing to China.

McAfee analysts recently determined that a series of highly targeted cyber attacks stole sensitive financial data worth millions of dollars from five major multinational oil and gas companies.

Evidence suggests that the attacks may have originated from China, but according to Dmitri Alperovitch, vice president for threat research at McAfee, it remains unclear if the attacks were “government sponsored in any way.”

McAfee traced some of the attacks to a server in Shandong Province, China which hosted one of the pieces of malware. Analysts also found that the attacks were conducted using IP addresses in Beijing during the hours of 9 a.m. and 5 p.m.

In another instance, last year, information on the e-mail accounts of foreign journalists and human rights activists in China were stolen from American Internet giants Yahoo and Google.

This set off an escalating confrontation between Google and the Chinese government, with the search engine redirecting all of its traffic through uncensored servers in Hong Kong.

The Chinese government fired back publicly stating that it was “totally wrong” to blame them for the attacks, despite the fact that the source code of the attacks had originated in China.