PARIS — Emmanuel Macron’s party is preparing for cyberattacks — but will have to make do without the French state’s cybersecurity apparatus.
“We have limited resources. As a campaign team, that is to say, [a] private entity, we do not benefit from the direct support of the state’s structures,” an official from La République en Marche (LREM) told reporters Wednesday.
“[France’s cybersecurity agency] Anssi can alert us, but in no case pro-actively help us as it does with public bodies such as ministries,” the official added.
The presidential election’s first round is less than three months away. In 2017, Russian-backed actors hacked Macron’s campaign and leaked troves of emails detailing the organization’s inner workings.
The majority party is expecting attacks this time around too, from ransomware groups with financial motives to foreign powers, the official said, without specifying names or countries.
LREM has implemented basic safeguards — including two-factor authentication, password managers, VPNs for employees working from home and the blocking of USB keys — and is readying for more “expensive and elaborate” attacks such as the use of tools like NSO’s Pegasus, which has already caused headaches in Europe.
Cyberattacks “in the vast majority of cases, have to do with individuals, human beings: An instruction that is not followed by the employees, a lack of training,” the official said.
In the absence of state support, the majority party is working with French companies — “small, medium and large” — but the official refused to name them or to disclose the overall budget dedicated to the campaign’s cybersecurity.
“We have an ecosystem of very good cyber companies in France. We try when we can to choose French companies, out of patriotism, and then particularly on this topic, we are vigilant about the algorithms and where the data are,” the official said.