French authorities said a secret unit from Russia’s military intelligence service is implicated in a series of hacking operations that have taken place since 2021.
“In cyberspace, France observes, blocks, and fights its adversaries.”
France’s Ministry for Europe and Foreign Affairs also revealed the name and location of a GRU unit that contributes to APT28 called Unit 20728.
In a statement, the ministry said that since 2021, this attack procedure has been used to target or compromise a dozen French entities.
It said that these entities are active participants in French life, such as public services, private companies, and a sports organisation linked to the organisation of the 2024 Olympic and Paralympic Games.
It said that in the past, this modus operandi was also used by the GRU in the sabotage of the TV5 Monde television channel in 2015.
The station’s Facebook page also had a message warning French troops to stay away from the “Islamic State.”
ID cards of relatives of French soldiers were also posted.
Authorities said that the same unit tried to destabilize the French electoral process in 2017.
France was on its highest security alert during the Olympics.
In the run-up to the games, French Interior Minister Gerald Darmanin warned of the threat of terrorist attacks from Islamist extremists and Iranian-backed pro-Hamas groups.
“Many European partners have also been targeted by APT28 in recent years,” the ministry said.
“These destabilizing activities are unacceptable and unworthy of a permanent member of the UN Security Council.
“They are also contrary to the United Nations standards on the responsible behaviour of states in cyberspace, to which Russia has subscribed.”
France’s National Information Systems Security Agency published a report on April 30 about the threat related to APT28 to prevent future attacks.
The report said that APT28 operators conduct “phishing campaigns” to trick people into giving up sensitive information such as passwords, credit card numbers, and personal data.
The operators also use “brute-force attacks,” particularly against webmail platforms, while exploiting vulnerabilities, it said.
It said that the hacking group’s attack methodology, which has been active since at least 2004, is routinely used to target government and military organizations, as well as the defense, energy, and media sectors, particularly in Europe and North America.
According to a report by France’s National Cybersecurity Agency, which came out in March, there were 4,386 security issues in 2024, a 15 percent increase from 2023.
It attributed the bulk of these to entities known to be linked to Russia and China, saying, “2024 saw a rise in attacks aimed purely at destabilization, primarily conducted by hacktivist groups.”
The Epoch Times contacted Russia’s embassy in Paris for a response but received no reply by publication time.
