“Keith Alexander (Director of the NSA) told me he was disappointed because he never thought we would detect them and he even added: You guys are good.” Bernard Barbier — Director of the DGSE Technical Division from 2006 to 2013

In May 2012 — between the two rounds of the Presidential election — a very suspicious malware was detected at the Élysée Palace, the residence of the French President. The help of the Technical Division of the DGSE was immediately requested. Follow us on Twitter: @Intel_Today

Today, Western Intelligence are highly concerned about the possibility that Russia will interfere with the incoming French and German elections, just like it is alleged to have happened last year in the US Presidential election. This is perhaps a good time to remember that the only agencies caught red handed in hacking/spying on the last French Presidential election are the NSA and the CIA.

After a thorough investigation of the May 2012 incident, Bernard Barbier — the Director of the DGSE Technical Division from 2006 to 2013 — came to the conclusion that the US/NSA was behind the hack.

Barbier admitted that this would have been impossible without the help of a new metadata capability the French had obtained in 2012 and Edward Snowden’s revelation of the NSA’s QUANTUM capability in 2013.

[The French newspaper “Le Monde” has published an article confirming that the US/NSA indeed hacked the Élysée Palace in 2012.]

‘Quantum Insert’ has been used to hack the machines. This type of attacks was used in the GCHQ/NSA operation against employees of the Belgian telecom Belgacom (renamed Proximus today).

“I received the order from Mr. Sarkozy’s successor to go to shout at the Americans. It was on April 12, 2013 and it was really a great moment in my professional career. We were convinced it was them. At the end of the meeting, Keith Alexander [director of the NSA from 2005 to 2014] was not happy. While we were in the bus, he told me he was disappointed because he never thought they would have been caught. He added: “You are pretty good.” As allies, we didn’t spy on them. The fact that the Americans broke this rule took us by surprise.”

The fact that the NSA spies on the French President has shocked a few people but Barbier is not too surprised.

“In the Intelligence World, you have some allies. You don’t have friends.”

How Quantum Insert Works

The French media however confirm that the NSA had used Facebook [and ‘Quantum Insert Attacks’ ] to get inside the computers of several collaborators of Sarkozy.

According to various documents leaked by Snowden and published by The Intercept and the German newspaper Der Spiegel, Quantum Insert requires the NSA and GCHQ to have fast-acting servers relatively near a target’s machine that are capable of intercepting browser traffic swiftly in order to deliver a malicious web page to the target’s machine before the legitimate web page can arrive. To achieve this, the spy agencies use rogue systems the NSA has codenamed FoxAcid servers, as well as special high-speed servers known as “shooters,” placed at key points around the internet. [WIRED]

French Capacity

According to Barbier, the difference in term of capacities between the French and the U.S. agencies is significant. The NSA enjoys a workforce 20 times larger (60,000 vs 3,000), and a budget 40 times bigger (US $50 Billions).

Even the GCHQ (UK) & UNIT 8200 (Israel) have twice more resources.

Warning & Recommendations

Barbier believes that the Intelligence capacities of France are not matching the geopolitical ambitions of the French Government.

If France gets involved in countries such Mali, Syria and Libya, then you must assume that “these guys” will not sit idle. They will attempt to make trouble in France. In his opinion, France does not have the Intelligence capacity to manage these threats.

About a United European Intelligence

Barbier ridicules the idea of a “European CIA/NSA.” However, he believes that a joint French-German Intelligence Agency could be established and would be very efficient. Such Agency would enjoy a workforce of 15 000 skilled people.

“It is impossible to build a single European intelligence agency with twenty-eight countries that don’t have the same capabilities or the same culture. The best, by population size, are the Swedes. The Italians are bad. The Spanish are a bit better, but don’t have the capabilities. And the Brits, with 6,500 staff at GCHQ [Government Communications Headquarters, the UK SIGINT agency] are very good, but are they European? And France has the strongest technical capabilities for intelligence collection in continental Europe. That leaves the Germans, who are solid partners. I’ve worked a lot with them, sometimes transmitting our knowhow and bringing them some technical capability. German and French engineers work very well together. In contrast, a British engineer with a French engineer is complicated. To be more effective, I told French politicians that we had to merge the BND [the German foreign intelligence agency] and the DGSE. It’s the only solution. It would be a an agency with 15,000 staff. The NSA has 60,000 people, and the SIGINT section of the DGSE is 3,000 agents. But the French politicians never followed up.”

Opinion on Edward Snowden

“For me, Snowden is a traitor to his country, but he has nothing to do with Julian Assange. The Americans made Snowden, who was an external contractor, a systems administrator. Those who do that job in the DGSE are bureaucrats that have between fifteen and twenty years of seniority. The possibility of having a Snowden in France is very low. Snowden showed that espionage between allies existed and that Americans compromised hardware, such as that sold by Cisco and poses a problem for technological independence. In that sense, Snowden rather helped us.”

SECRET//SI//NOFORN VISIT PRECIS BERNARD BARBIER

The secret document “SECRET//SI//NOFORN VISIT PRECIS BERNARD BARBIER” confirms that Barbier visited the NSA on April 12 2013 to discuss the attacks. The US agencies had denied involvement in January and offered assistance in attributing the attacks.

This note offers a summary of the information published by the French Media:

An initial press report from Paris Atlantico, “French Web site Says Turkish Hackers Behind Elysée Cyber Attacks.” dated 12 July 2012 stated it was believed “the attacks originated from France’s allies” and speculated Turkish hackers with possible links to Turkish “intelligence services or government bodies” might be responsible.

Barbier claims in the interview that he came easily and quickly to the conclusion that only two countries –The US and Russia — were capable of such a sophisticated attack. Based on similarities with a previous attack the DGSE had investigated and understood, Barbier was 100% convinced that the attacks were coming from the NSA.

The interview

The interview of Bernard Barbier — in French — can be watched in this video. Unfortunately, the sound is pretty bad.

REFERENCES

Les Etats-Unis ont bien piraté l’Elysée en 2012 — Le Monde 03 September 2016

How to detect sneaky NSA Quantum Insert Attacks — WIRED

=

Former DGSE Director: The Story of the NSA Hack on the French President’s House