“We have to wonder if France can continue to do without strong strategic coordination of cybersecurity with the president”
Grandstand. In July 2021, we analyzed Europe’s weaknesses in the face of cyberattacks and proposed lines of response. Since then, the strategic context in cyberspace has worsened, mainly to the detriment of the European Union and its members. Essentially, this is due to a strengthening of the United States – Russia duopoly, highlighted in the Ukrainian affair as in the cyber field: in September, the DarkSide and REvil groups, responsible for major ransomware attacks then scuttled under American pressure and by the Russian authorities, resuscitated (DarkSide becoming BlackMatter) and resumed their attacks.
The American reaction is the implementation of the Biden doctrine, set out after the summit organized with Vladimir Putin, in June 2021, in Geneva: those responsible for attacks against American critical infrastructures must be neutralized by the Russian authorities, or failing that by the United States’ own capabilities.
In fact, on October 21, three days after an attack paralyzing a television network, the various REvil sites were the object of massive destructive cyberattacks, causing the deep disarray of its executives speaking on the Web. A few hours later, a dispatch from [l’agence de presse britannique] Reuters explains that this technical neutralization was carried out jointly by the US Cyber Command, the FBI and the Secret Service.
The message is heard: the 1er November 2021, BlackMatter, denounced for its ransomware attacks by the US Federal Cybersecurity Agency, announces that it is ending all its activities “under pressure from the authorities”, then disappears. The next day, William Burns, director of the CIA, has conversations in Moscow with the secretary of the Russian Security Council and with his counterpart, head of the SVR. He will also have a telephone exchange with Vladimir Putin. The items on the agenda are Ukraine and… cybersecurity. There is no doubt that after the American elimination of the group REvil, the Russian leaders preferred to take the lead in ordering BlackMatter to disappear.
An ecosystem based in Russia
Throughout the fall, General Nakasone, who simultaneously heads the National Security Agency (NSA) and Cyber Command, multiplies public interventions on ransomware. Since mid-2021, its services have considered such attacks to be breaches of national security that legitimize the use of offensive cyber means for “dissuade and hinder them”. At the same time, Russia, through its think tanks and an article published on September 29, 2021 in Kommersant, welcomes this new cooperation with the United States against cybercrime.
You have 64.04% of this article left to read. The following is for subscribers only.