Cyber attack on ministry 'targeted G20 information'
Issued on: Modified:
France’s finance ministry was the target of one of the largest ever cyber-attack on a French government office, the government has confirmed. According to experts, the hackers were after documents relating to the G20.
France’s finance ministry was targeted by cyber spies last December, budget minister and government spokesman said on Monday, confirming reports in the media of a "spectacular" attack".
Responding to a story published in the magazine Paris Match, Budget Minister Francois Baroin said the spies had accessed several “relatively unimportant” documents.
The attack, which was only discovered by officials in January, is said to be the largest ever on a French government ministry. Baroin added that the objective of the attack was to gain access to “information related to the G20”.
The so-called Group of 20 countries counts the world’s most important economies and is being chaired by France during 2011.
The French Network and Information Security Agency (FNISA), a government agency, told France 24 that the stolen documents “involved international finance and world trade.” Paris Match in its article suggested that French taxpayers’ information had also been targeted.
A pinpointed strike
FNISA’s spokesman said operations to secure the finance ministry’s computer system from further attacks required the unprecedented step of shutting down the ministry's internet connection over the weekend.
“Between 10,000 and 12,000 workstations have been secured,” the spokesman said, adding the threat of further attacks was diminished.
The internet viruses were introduced via emails to ministry employees FNISA told FRANCE 24. “Trojan Horse” software, or a seemingly benign programme that steals information or harms a system, was used to gain access to computers remotely.
"The targeted employees knew the attackers and the virus were introduced in attachments that personally interested those employees,” FNISA said.
Once inside the finance ministry’s system, the cyber attackers took control of 150 workstations, out of the 170,000 used in the ministry.
“All the identified victims had the common trait of containing documents related to the G20,” FNISA said. This thesis is backed up by a similar attack six months ago on the Canadian Ministy of the Economy, which hosted the last G20 summit in Toronto.
The identity of the attackers is still unknown, according to Baroin, who added that France’s intelligence services were put on the case and some would not present its first finding for several weeks.