A Peek Into French Signals Intelligence

Uploaded on 2016-09-28 in NEWS-News Analysis, INTELLIGENCE--International, FREE TO VIEW

Bernard Barbier, the former head of signals intelligence (SIGINT) between 2006 and 2014 at France’s foreign intelligence agency (DGSE), gave a speech at one of France’s top engineering schools in which he reflected on his career and imparted some of his wisdom to students. 

He also said some things that he probably shouldn’t have, like confirming that France was behind the Animal Farm advanced persistent threat, commenting on the SIGINT capabilities of European allies, and reacting to the revelation that the US National Security Agency (NSA) had compromised the networks of the French presidency.

Recently, Barbier’s speech surfaced on YouTube but was quickly taken down. However, it was up long enough for French daily Le Monde to transcribe some of the highlights. Here they are, paraphrased and translated from the original French.

1.   Shouting At Americans

 “I got the order from Mr. Sarkozy’s successor [current President Hollande] to shout at the Americans … it was a great moment in my professional career” 
Barbier recalls that he was first informed of a possible compromise at the Élysée palace in 2012, when a former colleague working IT security at the palace reached out for analysis on a piece of malware. With the help of a new metadata capability the French obtained in 2012 and Edward Snowden’s revelation of the NSA’s QUANTUM capability in 2013, Barbier’s staff concluded that the attack on the Élysée was the work of the United States. Barbier recalls:

I received the order from Mr. Sarkozy’s successor to go to shout at the Americans. It was on April 12, 2013 and it was really a great moment in my professional career. We were convinced it was them. At the end of the meeting, Keith Alexander [director of the NSA from 2005 to 2014] was not happy. While we were in the bus, he told me he was disappointed because he never thought they would have been caught. He added: “You are pretty good.” As allies, we didn’t spy on them. The fact that the Americans broke this rule took us by surprise.

2.    “And yes, it was a Frenchman” 

In 2014, Le Monde published documents from the Snowden archive revealing that Canada’s SIGINT agency, the Communications Security Establishment (CSE), suspected that Paris was behind a cyber espionage campaign that began in 2009 targeting Iran’s nuclear program but also targeting computers in Canada. CSE was able to attribute the campaign to the French based on some reverse engineering revealing that the malware developer used references to a French children’s cartoon character, Babar the Elephant. That reference also led Kaspersky to baptise the malware Animal Farm. Barbier recalls that CSE “concluded that he [the malware author] was French. And yes, it was a Frenchman.”

3.    Merger with Germany's BND

The pipe-dream of united European intelligence agency and the possibility of merging French and German intelligence. In one of the more surprising aspects of Barbier’s speech, he mused about the possibility of creating a European intelligence agency but quickly dismissed the notion, noting that only a fusion of French and German intelligence agencies would be feasible.

It is impossible to build a single European intelligence agency with twenty-eight countries that don’t have the same capabilities or the same culture. The best, by population size, are the Swedes. The Italians are bad. The Spanish are a bit better, but don’t have the capabilities. And the Brits, with 6,500 staff at GCHQ [Government Communications Headquarters, the UK SIGINT agency] are very good, but are they European? And France has the strongest technical capabilities for intelligence collection in continental Europe.

That leaves the Germans, who are solid partners. I’ve worked a lot with them, sometimes transmitting our knowhow and bringing them some technical capability. German and French engineers work very well together. In contrast, a British engineer with a French engineer is complicated.

To be more effective, I told French politicians that we had to merge the BND [the German foreign intelligence agency] and the DGSE. It’s the only solution. It would be a an agency with 15,000 staff. The NSA has 60,000 people, and the SIGINT section of the DGSE is 3,000 agents. But the French politicians never followed up.

Merging the BND and the DGSE would have made for some awkward conversations given that last year, news reports revealed that the BND had been spying on France.

4.    Snowden is a traitor that “rather helped us”

Finally, Barbier gives his opinion on Edward Snowden, presumably in response to a question from the audience.
"For me, Snowden is a traitor to his country, but he has nothing to do with Julian Assange. The Americans made Snowden, who was an external contractor, a systems administrator. Those who do that job in the DGSE are bureaucrats that have between fifteen and twenty years of seniority. The possibility of having a Snowden in France is very low. Snowden showed that espionage between allies existed and that Americans compromised hardware, such as that sold by Cisco and poses a problem for technological independence. In that sense, Snowden rather helped us."

DefenseOne:     Le Monde

 

 

« Volkswagen Launches Automotive Cybersecurity Firm
New University Graduate Course: Cyber Anti-Terrorism »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Spiceworks

Spiceworks

Spiceworks provide a range of free apps for IT professionals including network inventory, network monitor, and help desk.

Covenco

Covenco

Covenco is a data management and IT infrastructure specialist. Working with customers to transform their IT environments, with data protection and security at the forefront of everything we do.

Athena Dynamics

Athena Dynamics

Athena Dynamics focuses on Cyber Security, especially in Critical Information Infra-structure Protection and Enterprise IT Operation Management products and Services.

ITC Secure Networking

ITC Secure Networking

ITC are a leading cloud-based MSSP delivering service innovation in cyber security analytics & cloud technology.

LIFARS

LIFARS

LIFARS is a global leader in Digital Forensics and Cyber Resiliency Services.

BA-CSIRT

BA-CSIRT

BA-CSIRT is a center which is dedicated to assist and raise awareness among citizens and the Government of the City of Buenos Aires in everything related to information security.

LuJam Cyber

LuJam Cyber

LuJam Cyber is a cybersecurity company that provides protection to SME Networks.

Police Digital Security Centre (PDSC)

Police Digital Security Centre (PDSC)

PDSC is a not-for-profit organisation, owned by the police, that works across the UK in partnership with industry, government, academia and law enforcement.

Raqmiyat

Raqmiyat

Raqmiyat provides end-to-end IT Services and business solutions including consultancy, digital transformation, infrastructure and cybersecurity.

Wickr

Wickr

Wickr's mission is to secure the world's most critical communications. Wickr provides the highest standard of encryption trusted by millions worldwide.

IntelliDyne

IntelliDyne

IntelliDyne is a leading information technology consulting firm enabling better mission performance through innovative technology solutions.

Acumera

Acumera

Acumera is a leader in managed network security, visibility and automation services.

Critical Insight

Critical Insight

Critical Insight provide Managed Detection and Response, Vulnerability Detection, and Cyber Security Consulting Services to help you secure your mission-critical systems.

Trustmarque

Trustmarque

Trustmarque delivers customer-centric IT solutions that enable better outcomes. We combine the technology, expertise and services to release value at every stage of the IT lifecycle.

Eurotech

Eurotech

Eurotech provides Edge Computers and IoT solutions. We help to connect your assets and make them smarter through secure and agnostic hardware and software technologies.

Neya Systems

Neya Systems

Neya Systems, a leader in advanced off-road autonomy and high-level multi-robot mission planning, provides innovative solutions for uncrewed ground, aerial, and surface vehicles.