PARIS (AP) — The French government accused a hacking group linked to Russian military intelligence of cyberattacks over three years, targeting the Paris Olympics, French government agencies and companies.
A report released Tuesday by France’s cybersecurity agency, ANSSI, outlined cyber incidents from 2021 through 2024, which it attributes to a group called APT28, also known as Fancy Bear. The report said the hacking aimed to collect intelligence, notably in the context of Russia’s war in Ukraine.
France is among Ukraine’s most vocal backers, and its government is working to ensure that an eventual US-brokered peace deal doesn’t further embolden Russia and threaten Europe’s security.
The French Foreign Ministry said the hacking was linked to the Russian military intelligence agency GRU, and targeted French entities including a ″sports organization linked to the planning of the 2024 Paris Olympic and Paralympic Games.″ It didn’t identify the organization or detail the impact of the cyber-meddling.
The cybersecurity agency said other targets included those involved in aerospace, finance, national government ministries and local governments. It didn’t name them.
More than a dozen reports in 2023 and 2024 pointed to an intensifying effort from Russia to undermine France through disinformation campaigns, particularly the Paris Olympics. Russian athletes’ participation in the Olympics has been curtailed for years because of the Russian invasion of Ukraine and state-sponsored doping.
The Russian Embassy in France and the Kremlin have denied any interference in the Paris Olympics.
Responding to the French announcement Monday, Google Threat Intelligence Group chief analyst John Holquist said in a statement that “targeting of the Games by the GRU was heavily anticipated … Even though the games are a potent symbol of international cooperation, they are still the target of malicious intelligence operations.”
APT28 and the GRU have also been linked to global cyber intrusions, including in the 2016 US election, where they were accused of aiding Donald Trump by leaking Democratic Party emails.
The French Foreign Ministry named a specific GRU unit, Unit 20728, as being behind the 2021-2024 cyberattacks. The cybersecurity agency report also mentions unspecified attacks on entities in Ukraine, elsewhere in Europe and North America.
“These destabilizing activities are unacceptable and unworthy of a permanent member of the UN Security Council,” the Foreign Ministry said in a statement. “Alongside its partners, France is determined to use all the means at its disposal to anticipate, discourage and react to Russia’s malicious behavior in cyberspace.”
___
Associated Press writer Kelvin Chan in London contributed to this report.