US Flames France – allegedly

In May, says L’Express, the computers of Nicolas Sarkozy were the victims of a cyber-espionage operation that was ‘hypersophistiquée’ originating from ‘l'ami américain.’ This conclusion is reached because the malware has “the same extremely powerful features of a computer worm called Flame,” already linked to the US Olympic Games program, and because the operation could only have been achieved by a powerful and well-resourced adversary. Needless to say it is officially denied – or at least obfuscated – by the US. “We categorically refute allegations... France is one of our best allies...” responded Mitchell Moss of the US Embassy in Paris. “Janet Napolitano, Secretary of Homeland Security in the Obama administration, has neither confirmed nor denied our information,” said L’Express (although in reality she could do little else whether the US was involved or not).

The attack would appear to be the same incident that reportedly required the Élysée Palace network to be shut down and rebuilt over a period of three days during the transition to the new presidency in May (Le Télégramme). The official cause was “preparing the transition to a new team;” but a cyber attack was always suspected.

L’Express now suggests it was achieved by social engineering and spear-phishing via Facebook. Élysée Palace staff were befriended on Facebook. An email then suggested they connect to the Palace network; but clicking the provided link, rather than going direct to the site, led to a fake page that looked just like the Palace logon page. So when the staff entered the network, they also provided the attackers with their credentials – and having obtained these, the attackers were able to infiltrate the Élysée Palace and drop the ‘Flame-like’ malware.

France and the US have a long history of mutual industrial espionage (see Wikipedia). Both countries aggressively protect their own industrial base. With the imminent arrival of a new socialist president, and France’s continued pivotal position in the European Union, it would be only natural for the US to wish to be closely informed. It would be naive to believe that friendly nations do not spy on each other: political allies are usually economic competitors. But it is also virtually impossible to prove the origin of a cyber attack: these are allegations only.
