The sports category has moved to a new website.
ADVERTISEMENT

Hackers find flaw in French cyber-fortress

They knew months ago that top-of-the-range hackers had been targetting them. They believe their security measures, too, had been nothing short of top-rate. But, in the end, French presidential candidate Emmanuel Macron's team got hacked.

Emmanuel Macron's campaign team says it put in place servers protected by sophisticated software filters, recommended the use of several encrypted messaging and cellphone networks, and required double and triple authentication to access emails

They believe their security measures, too, had been nothing short of top-rate. But, in the end, French presidential candidate Emmanuel Macron's team got hacked.

And on Friday night, just an hour before the end of official campaigning, thousands of documents including emails and accounts belonging to his En Marche! (On the Move!) movement were dumped online.

"It's just incredible what's happening," said Belgian researcher Nicolas Vanderbiest, a specialist on online rumours, whose map showing how the "Macron Leak" propagated on Twitter has Wikileaks at the centre.

ADVERTISEMENT

Macron's campaign team says it put in place servers protected by sophisticated software filters, recommended the use of several encrypted messaging and cellphone networks, and required double and triple authentication to access emails.

It says it stored its information in multiple-partitioned cells, with databases separated like fortresses, accessible by passwords that were complex and regularly changed.

But a squad of shadowy hackers seem to have found the back door.

"In this kind of organisation the real potential faultline is the human element," the head of computer services for En Marche! recently told AFP, requesting anonymity.

Because security procedures can become long and cumbersome, some people can be tempted to get around them by using personal email services which are little or badly protected.

ADVERTISEMENT

'en-nnarche.com'

On April 25, a report by Japanese cyber-security company Trend Micro, blamed a so-called "phishing" attack targetting the Macron campaign on Russian hacking group Pawn Storm, also known as Fancy Bears, Tsar Team and APT28.

The group, suspected of close links to the Russian security services, is also accused of having targetted the Democratic Party during last year's US presidential election, in which Republican-backed Donald Trump defeated Democrat Hillary Clinton.

In this kind of attack, which does not require sophisticated resources, hackers can open up security gaps in software, for example during an update or through a so-called mirror site.

This would be something like "en-nnarche.com", hoping that a user when reading quickly would mistake the "nn" for an "m" and fall into the trap, revealing access codes.

ADVERTISEMENT

The principle of phishing, a classic arm in the hackers' arsenal, is to send a large number of fake emails often containing infected attachments, hoping that a distracted recipient will click on one, creating a breach in the targetted system.

The gap is unlikely to show up immediately, and the loophole it generates may be exploited weeks or months later.

The Macron campaign reacted swiftly to Friday night's data dump, saying it would take all measures necessary to shed light on the "unprecedented" incident.

But it did not seem overly worried by the substance of what had been leaked.

"Throughout the campaign, En Marche! has constantly been the party the most targeted by such attempts, in an intense and repeated fashion," it said in a lengthy statement.

ADVERTISEMENT

"The aim of those behind this leak is, all evidence suggests, to hurt the En Marche! party. Clearly, the documents arising from the hacking are all lawful and show the normal functioning of a presidential campaign."

Senator Bazira Khiari, a national delegate for En Marche!, told AFP Saturday morning: "We were informed last night... We were just told to change our passwords".

JOIN OUR PULSE COMMUNITY!

Unblock notifications in browser settings.
ADVERTISEMENT

Eyewitness? Submit your stories now via social or:

Email: news@pulselive.co.ke

Recommended articles

Marianne Kitany tactfully speaks on whether Ruto should fire her ex, CS Linturi

Marianne Kitany tactfully speaks on whether Ruto should fire her ex, CS Linturi

Gov't & opposition officials clash at Rita Tinina's burial ceremony

Gov't & opposition officials clash at Rita Tinina's burial ceremony

CS Murkomen unveils new number plates for cars that will get preferential treatment

CS Murkomen unveils new number plates for cars that will get preferential treatment

Moi University students escape through windows after road crash

Moi University students escape through windows after road crash

57,000 civil servants to have their rent reviewed upwards

57,000 civil servants to have their rent reviewed upwards

Interesting story of U.S. Army Specialist Wambui who comes from a military family

Interesting story of U.S. Army Specialist Wambui who comes from a military family

Heroic GSU officer dies after jumping out of a taxi along Thika Super Highway

Heroic GSU officer dies after jumping out of a taxi along Thika Super Highway

DJ Joe Mfalme detained for 14 more days

DJ Joe Mfalme detained for 14 more days

Explosive blows up hotel next to police station, deaths reported

Explosive blows up hotel next to police station, deaths reported

ADVERTISEMENT