Cyberattacks: France officially points the finger at Russia

This is a first. On April 29, 2025, French diplomacy officially attributed the hacking of Emmanuel Macron's campaign emails during the 2017 presidential election to Russian military intelligence (GRU).

This revelation highlights the extent of Russian interference in Western democratic processes and raises crucial questions about national cybersecurity.

A large-scale cyber-espionage campaign

According to a technical report from the French National Agency for Information Systems Security (ANSSI), France has been the target of a Russian cyber-espionage campaign for the past four years. This offensive has targeted various sensitive sectors, including ministries, local authorities, administrations, as well as entities in the defense, aerospace, research, economic, and financial sectors. The attacks have been carried out with remarkable precision, specifically targeting critical infrastructure and key French state actors.

The 2017 presidential campaign hack

Among the most high-profile operations was the hacking of Emmanuel Macron's campaign emails in 2017. At the time, thousands of internal documents were stolen and released online, sending shockwaves through the French political landscape. Although Russian origins were suspected, no formal proof was provided until the official French diplomatic statement in April 2025.

Sophisticated and coordinated methods

The attacks were carried out by GRU-linked hacker groups such as APT28 and Sandworm. These units used advanced phishing and spear-phishing techniques to infiltrate their targets' computer systems.

Once access was gained, they were able to exfiltrate sensitive data, compromising the security of campaign team members' personal and professional information.

This revelation sent shockwaves through Franco-Russian relations. The French government expressed deep concern about this foreign interference in the national democratic process. Diplomatic measures have been considered to respond to this violation of French sovereignty, although the details of these actions remain confidential.

On the Russian side, the Kremlin has once again denied any involvement in these cyberattacks, calling the French accusations baseless. Moscow has adopted this stance in its official Russian responses to accusations of interference in the internal affairs of other nations.

What are the challenges for national cybersecurity?

Beyond the diplomatic aspect, this affair raises fundamental questions about cybersecurity in France. The attacks have exposed vulnerabilities in the IT systems of public institutions and political parties, highlighting the need for a thorough reform of IT security practices.

ANSSI has also recommended a series of measures to strengthen the protection of sensitive data, including the implementation of stricter security protocols, ongoing training of staff on digital risks and increased collaboration with international partners in cybersecurity.