3_cyber defense
π Digital
Are we prepared for a cyberpandemic?

Four thousand soldiers to defend cyberspace

Sophy Caulier, Independant journalist
On March 3rd, 2021 |
3 mins reading time

Didier Tisseyre
Didier Tisseyre
Commander of cyber-defence in the French Armed Forces
Key takeaways
  • According to the Minister for the Armed Forces (Florence Parly), France was targeted by more than 800 cyberattacks during the first 9 months of 2019.
  • Attackers can be both independent hackers as well as other states.
  • To defend itself, the French government created ComCyber in 2017, an army corps specifically dedicated to cyberspace.
  • By 2025, France will have 4000 “cyber-soldiers”, with a total budget of €1.6bn.
  • All conflicts, such as the fight against jihadism, have a digital scope.

In our dig­i­tal era, nation­al defence and the mil­i­tary also oper­ate in cyber­space to fight off the increas­ing num­bers of attacks in this new battlefield.

The dig­i­tal trans­for­ma­tion of all activ­i­ties goes hand in hand with an increase in attack sur­face with new vul­ner­a­bil­i­ties for cit­i­zens, com­pa­nies and insti­tu­tions, but also for the defence and mil­i­tary sec­tors. In the same way that crim­i­nals have invest­ed in cyber­space, extrem­ist groups, ter­ror­ist organ­i­sa­tions or back rooms act­ing on the behalf of for­eign states, take advan­tage of this vir­tu­al space with­out bor­ders in which they can act rapid­ly and per­ma­nent­ly cov­er their tracks.

In Octo­ber 2019, Flo­rence Par­ly, the French Min­is­ter for the Armed Forces, declared that France had already been tar­get­ed over 800 times by cyber­at­tacks in only 9 months*. The objec­tives of these attacks were the same than those before the dig­i­tal age: espi­onage, desta­bil­i­sa­tion, sab­o­tage, manip­u­la­tion, etc. The attack­ers, who adapt­ed to the avail­able tech­no­log­i­cal means, are groups of hack­ers seek­ing data to sell, back doors onto the pay­roll or at the ser­vice of for­eign states.

This con­text led the Min­istry of the Armed Forces to build an oper­a­tional com­mand ded­i­cat­ed to cyber defence: “Com­Cy­ber”. Cyber­space is now a new field of oper­a­tion and even though cyber defence does not have an army per se, it acts in the same capac­i­ty as the Ground, Naval, Air and Space armed forces.

Cre­at­ed in May 2017, Com­Cy­ber is in charge of mil­i­tary cyber defence. The 2019–2025 mil­i­tary pro­gram­ming law allo­cat­ed a bud­get of 1.6 bil­lion euros and the recruit­ment of 1100 cyber-sol­diers to the com­mand. When asked to explain his role, the Gen­er­al Didi­er Tis­seyre, replied with­out hes­i­ta­tion, “I am paid to be para­noid. Our mis­sion is to fend off any mil­i­tary attack against our nation State”.

The tone is set. “Today in cyber­space, we are not in a time of war or peace, but in a state of per­ma­nent cri­sis!”, he adds. The mis­sions of Com­Cy­ber cov­er two main areas in the fight against cyber­crime: defence (LID, Lutte infor­ma­tique Défen­sive) and offence (LIO, Lutte infor­ma­tique Offen­sive). Fight­ing against jihadists, for exam­ple, now requires ground and air forces, as well as sol­diers in cyberspace.

The pur­pose of Com­Cy­ber is not only to defend the infor­ma­tion sys­tems of all the enti­ties of the Min­istry of the Armed Forces against attacks, but also to defend embed­ded com­put­er sys­tems used in oper­a­tions. These are found in weapons, indus­tri­al machin­ery, ener­gy sup­ply equip­ment, etc. This equip­ment is as much if not more like­ly to be attacked through dig­i­tal media, as shown by the expe­ri­ence of the U.S. Depart­ment of Defense. For sev­er­al years, it has organ­ised open chal­lenges dur­ing which “white hats”, or “eth­i­cal” hack­ers, are invit­ed to test the resilience of secu­ri­ty sys­tems and seek vul­ner­a­bil­i­ties. In 2019, it only took 48 hours for clever hack­ers to take con­trol of a F‑15 Eagle fight­er air­craft. These things do not hap­pen only in movies!

The French Min­istry of Armed Forces also per­forms these secu­ri­ty flaw hunts called “bug boun­ty” pro­grams. With one dif­fer­ence: eth­i­cal hack­ers are recruit­ed among the cyber-defence reservists and the civil­ian and mil­i­tary per­son­nel of the Min­istry of Armed Forces.

New chal­lenges call for new types of organ­i­sa­tion and meth­ods. The min­istry now includes 3000 cyber-sol­diers (4000 are planned for 2025) and one-third of these is direct­ly attached to Com­Cy­ber. The oth­er two-thirds are divid­ed in dif­fer­ent ser­vices of the Min­istry of the Armed Forces, or post­ed in spe­cialised ser­vices such as the Nation­al Agency for the Secu­ri­ty of Infor­ma­tion Sys­tems (ANSSI, Agence nationale de la sécu­rité des sys­tèmes d’in­for­ma­tion).

And, con­trary to what one may think, they are not all cod­ing experts. “It is true that we need dig­i­tal spe­cial­ists, but we also need experts in geopol­i­tics, social engi­neer­ing, social net­works, mil­i­tary oper­a­tions, etc.”, indi­cates Didi­er Tisseyre.

*Since this inter­view, in a recent study Neustar esti­mate that the num­ber of cyber­at­tacks dur­ing the first 6 months of 2020 was 151% high­er than the fig­ures for the same peri­od of the pre­vi­ous year. They con­clude there­fore that the Covid cri­sis has had an impact on cybersecurity.

Hos­pi­tals, vic­tims of a cyberpandemic? 

The test­ing of hos­pi­tals seems to be anoth­er point in com­mon between a real pan­dem­ic and a cyber­pan­dem­ic. Accord­ing to the con­sult­ing firm PwC, the num­ber of cyber­at­tacks on health­care insti­tu­tions increased by 500% in 2020 1. In Feb­ru­ary 2021 alone, two French hos­pi­tals (Dax and Ville­franche-sur-Saône) fell vic­tim to RYUK ran­somware. The virus paral­ysed their com­put­er sys­tems for sev­er­al weeks and encrypt­ed patient files, forc­ing them to return to paper and pen in an emergency. 

Whilst these attacks have not result­ed in deaths – as was the case in Sep­tem­ber 2020 in Düs­sel­dorf, where a cyber­at­tack pre­vent­ed the oper­a­tion of a patient in crit­i­cal con­di­tion – their dan­ger­ous­ness seems to be grow­ing. As such, gov­ern­ments are begin­ning to pro­vide funds to deal with them. In the Unit­ed States, the Med­ical Device Safe­ty Action Plan announced in 2018 aims to mod­ernise and secure dig­i­tal devices used in the coun­try’s med­ical ser­vices. The French gov­ern­ment has also pre­sent­ed a bud­get of €350 mil­lion to increase the num­ber of IT audits and train­ing in hospitals.

1« Glob­al top health indus­try issues: Defin­ing the health­care of the future »: https://​www​.pwc​.com/​g​x​/​e​n​/​i​n​d​u​s​t​r​i​e​s​/​h​e​a​l​t​h​c​a​r​e​/​t​o​p​-​h​e​a​l​t​h​-​i​n​d​u​s​t​r​y​-​i​s​s​u​e​s​.html