What developments have you seen in 2022 on the cyber threat front, in general and in the military field in particular? Has the war in Ukraine had a significant impact?
The war in Ukraine is both a logical continuation and a turning point. A logical continuation, because the cyber attacks are a continuation of those we have been observing since at least 2014. There has been no real breakthrough, no "cyber war" as some had predicted. No doubt because the Russians thought they would reach Kyiv in three days and did not plan any major action.
As the authorities in charge of cyber security have said on several occasions, cyber attacks remain a major concern, but they have not been as intense as feared. In strategic terms, the cyber weapon has not proved decisive. When "gunpowder talks", cyber is relegated to second place. We can't win the war thanks to cyber, but we can lose it because we haven't built a cyber defence in depth.
The turning point is illustrated by the use of cyber technology in warfare, particularly by non-state actors. Big Tech is involved, often motu proprioto come to Ukraine's aid. AWS organised the 'exodus' of strategic government data, while Starlink compensated for the loss of connectivity caused by the cyber attack on the KA-SAT satellite network. Social networks are vectors of informational warfare; the smartphone is becoming the combatant's second weapon. The population is taking part in operations, thanks to applications that enable them to track drones and missiles and transmit data to anti-aircraft defences. The Ukraine IT Army brings together several thousand volunteer "cybercombatants", whose status is sometimes highly ambiguous.
Finally, the aspect that is probably least visible but has the most long-term potential is the strengthening of European and NATO cooperation, even if cyber defence issues remain rooted in the sovereignty of each State.
What is the scale of attacks from state actors such as China or Russia?
This is a complex issue. We know that these states, along with others, are among the most active and damaging. In the past, disputes were settled by force (this is still true of major conflicts), but the " gunboat policy "This is being replaced by the "digital banderillas" of cyber attacks. But governments often act indirectly, through organised crime groups who are in a sense "third-party attackers".
The attack on the National Assembly on 27 March 2023 was claimed by a Russian group, NoName57. But it is highly likely that this group is being used as a front by Russia, which is unhappy with the recognition of the Holodomor. It is often very difficult to distinguish between state attacks and cybercriminal attacks in the strict sense of the term. We are also aware of all the difficulties associated with technical attribution and therefore political attribution. But let's not forget that not all cyber attacks come from the two states mentioned...
Are French public and private players in the defence sector well equipped to deal with the cyber threat?
Fifteen years ago, the answer would have been no. Today, I consider that very significant efforts have been made to improve our level of cyber security, and cyber defence in particular, through the growing power of the ANSSI and COMCYBER. The next military programming law, which has been before Parliament since this week, will increase our capabilities. A few months ago, the Loi d'Orientation et de Programmation pour le Ministère de l'Intérieur (LOPMI) provided for a substantial increase in the resources dedicated to preventing and combating cybercrime. This is all a step in the right direction. But I think that, halfway through the process, we need to increase the human and material resources.