Four thousand soldiers to defend cyberspace

In our dig­i­tal era, nation­al defence and the mil­i­tary also oper­ate in cyber­space to fight off the increas­ing num­bers of attacks in this new battlefield.

The dig­i­tal trans­for­ma­tion of all activ­i­ties goes hand in hand with an increase in attack sur­face with new vul­ner­a­bil­i­ties for cit­i­zens, com­pa­nies and insti­tu­tions, but also for the defence and mil­i­tary sec­tors. In the same way that crim­i­nals have invest­ed in cyber­space, extrem­ist groups, ter­ror­ist organ­i­sa­tions or back rooms act­ing on the behalf of for­eign states, take advan­tage of this vir­tu­al space with­out bor­ders in which they can act rapid­ly and per­ma­nent­ly cov­er their tracks.

In Octo­ber 2019, Flo­rence Par­ly, the French Min­is­ter for the Armed Forces, declared that France had already been tar­get­ed over 800 times by cyber­at­tacks in only 9 months*. The objec­tives of these attacks were the same than those before the dig­i­tal age: espi­onage, desta­bil­i­sa­tion, sab­o­tage, manip­u­la­tion, etc. The attack­ers, who adapt­ed to the avail­able tech­no­log­i­cal means, are groups of hack­ers seek­ing data to sell, back doors onto the pay­roll or at the ser­vice of for­eign states.

This con­text led the Min­istry of the Armed Forces to build an oper­a­tional com­mand ded­i­cat­ed to cyber defence: “Com­Cy­ber”. Cyber­space is now a new field of oper­a­tion and even though cyber defence does not have an army per se, it acts in the same capac­i­ty as the Ground, Naval, Air and Space armed forces.

Cre­at­ed in May 2017, Com­Cy­ber is in charge of mil­i­tary cyber defence. The 2019–2025 mil­i­tary pro­gram­ming law allo­cat­ed a bud­get of 1.6 bil­lion euros and the recruit­ment of 1100 cyber-sol­diers to the com­mand. When asked to explain his role, the Gen­er­al Didi­er Tis­seyre, replied with­out hes­i­ta­tion, “I am paid to be para­noid. Our mis­sion is to fend off any mil­i­tary attack against our nation State”.

The tone is set. “Today in cyber­space, we are not in a time of war or peace, but in a state of per­ma­nent cri­sis!”, he adds. The mis­sions of Com­Cy­ber cov­er two main areas in the fight against cyber­crime: defence (LID, Lutte infor­ma­tique Défen­sive) and offence (LIO, Lutte infor­ma­tique Offen­sive). Fight­ing against jihadists, for exam­ple, now requires ground and air forces, as well as sol­diers in cyberspace.

The pur­pose of Com­Cy­ber is not only to defend the infor­ma­tion sys­tems of all the enti­ties of the Min­istry of the Armed Forces against attacks, but also to defend embed­ded com­put­er sys­tems used in oper­a­tions. These are found in weapons, indus­tri­al machin­ery, ener­gy sup­ply equip­ment, etc. This equip­ment is as much if not more like­ly to be attacked through dig­i­tal media, as shown by the expe­ri­ence of the U.S. Depart­ment of Defense. For sev­er­al years, it has organ­ised open chal­lenges dur­ing which “white hats”, or “eth­i­cal” hack­ers, are invit­ed to test the resilience of secu­ri­ty sys­tems and seek vul­ner­a­bil­i­ties. In 2019, it only took 48 hours for clever hack­ers to take con­trol of a F‑15 Eagle fight­er air­craft. These things do not hap­pen only in movies!

The French Min­istry of Armed Forces also per­forms these secu­ri­ty flaw hunts called “bug boun­ty” pro­grams. With one dif­fer­ence: eth­i­cal hack­ers are recruit­ed among the cyber-defence reservists and the civil­ian and mil­i­tary per­son­nel of the Min­istry of Armed Forces.

New chal­lenges call for new types of organ­i­sa­tion and meth­ods. The min­istry now includes 3000 cyber-sol­diers (4000 are planned for 2025) and one-third of these is direct­ly attached to Com­Cy­ber. The oth­er two-thirds are divid­ed in dif­fer­ent ser­vices of the Min­istry of the Armed Forces, or post­ed in spe­cialised ser­vices such as the Nation­al Agency for the Secu­ri­ty of Infor­ma­tion Sys­tems (ANSSI, Agence nationale de la sécu­rité des sys­tèmes d’in­for­ma­tion).

And, con­trary to what one may think, they are not all cod­ing experts. “It is true that we need dig­i­tal spe­cial­ists, but we also need experts in geopol­i­tics, social engi­neer­ing, social net­works, mil­i­tary oper­a­tions, etc.”, indi­cates Didi­er Tisseyre.

*Since this inter­view, in a recent study Neustar esti­mate that the num­ber of cyber­at­tacks dur­ing the first 6 months of 2020 was 151% high­er than the fig­ures for the same peri­od of the pre­vi­ous year. They con­clude there­fore that the Covid cri­sis has had an impact on cybersecurity.