Cyber Security
Managing the risk relating to interference requires addressing these cyber security issues. It takes expertise, effort, time, resources and planning to do so efficiently.
Macron’s Cyber Security Campaign
hundreds of years, way before the current cyber-era. For example, back in 1796 France reportedly influenced the outcome of a presidential election in the US . From 1946 to 2000, the US government is suspected of interfering with presidential elections in several countries, with as many as 81 individual interventions recorded by political scientist, Dov Levin, of Carnegie Mellon University .
Has Risk Management Changed? If the risks relating to political interference have existed for such a long time, then you would assume that there have always been measures for managing these risks. However, managing risk today requires a different strategy, because cyber-attack means the threat sources are entirely different and incredibly difficult to detect and mitigate. The risks can manifest a range of options, including: • Tampering with computerised transactions supporting the elections process (e.g. ballot counting and reporting); • Impacting the operations of election campaigns, which heavily rely on data sharing and communication functions; and • Impacting the credibility of candidates through the publication of sensitive information, whether accurate or not.
Early in the French presidential election campaign, Macron was reported to be a target of foreign interference because of his stance on international matters. It was also reported that other French presidential candidates, such as Le Pen or Fillon, would have been preferred by an influential foreign country. Attempts at interference, supported by cyber-attacks, were thus expected and a specific risk was identified. “We [Macron’s campaign team] have been hammered every day since December [by hackers]” (Mounir Mahjoubi, Emmanuel Macron’s campaign digital lead). Macron’s team dealt with frequent, targeted and wellcrafted spear phishing attacks according to reports. Trend Micro reported that it had discovered fake web domains associated with the Macron campaign on infrastructure they believed was used by a group named, “Pawn Storm”, with the caveat that “this [attribution claim] is not a 100% confirmation, but it’s very, very, likely” . They made this discovery by monitoring the creation of rogue, lookalike websites, which were often used by hackers to trick victims into revealing their online passwords. Trend Micro’s report provides an example of such a phishing domain, with “onedrive-en-marche.fr”, including a subtle variation from the real domain. The dots in the real address were replaced by hyphens. “If you speed read the URL, you can’t make the distinction,” said Mahjoubi . And when the fake sign-in page came up, it was, “pixel perfect.” The intent of the spear phishing campaign was to trick Macron’s team into providing their credentials, which would be used to access team communications and documents. During the campaign claims were made that “It’s serious, but nothing was compromised” (Mahjoubi, April 24), but Macron’s campaign was eventually hit with a leak on the eve of election day. It was referred to as MacronLeaks. On Friday 5th May, a trove of files was publically dumped on the anonymous document sharing site, Pastebin, under the title "EMLEAKS". Macron’s team confirmed the hack, stating it had been the “victim of a massive and co-ordinated hack … which has given rise to the diffusion on social media of various internal information”. However, the leak came too late to impact the elections. At the time of the leak, it was also unclear whether the content of the leaked documents would have warranted any tangible impact on the election process. In addition, France’s presidential electoral authority had quickly stepped in and asked the media, “to avoid transmitting information from the leaked documents and reminded them of their responsibilities given the “seriousness of the election”. They also called for a “spirit of responsibility.” The call was respected. The French media abstained from publishing the documents and commenting on them so close to election day. The French mainstream newspaper Le Monde said it had seen part of the documents and that the hacking attack was, “clearly aimed at disturbing the current electoral
Australian Cyber Security Magazine | 47