In The News
“Partnerships are key to keep everybody up to date and mobilized for the Olympics.”
We interviewed General Éric Freyssinet, Senior Adviser on Cybercrime & Cybersecurity, and Lieutenant-Colonel Sophie Lambert, Head of the Cyber Anticipation and Crisis Management Department, both of the Ministry of Interior Cyberspace Command (COMCYBERMI) in France. This is part of our “Global Voices” series of interviews. Here, they answer our questions with a focus on safeguarding the upcoming Olympic Games from cyberattacks.
Paris 2024 is preparing to protect the Olympic Games from potential cyberattacks. What kinds of digital safety measures does the French Ministry of Interior’s Cyberspace Command (COMCYBERMI) find the most critical?
Sophie Lambert: The shared threat analysis gathered in preparation of this major international event describes three main sources of concern:
- Organized crime groups aiming to disrupt the Olympic Games complex infrastructure through ransomware campaigns, denial of service attacks, massive defacements, or fake bomb alerts.
- Ideologically motivated groups abusing the event to convey their message by damaging the image of the Olympic Games and that of the French organizers.
- Traditional criminal activities surfacing on the event itself through electronic fraud abusing the image of the Olympics through phishing campaigns.
In this context, in support of all involved partners contributing to the cybersecurity of the Games and alongside the work of the various law enforcement forces, the specific missions that COMCYBERMI has taken upon themselves are:
- To support prevention efforts and the training needs of law enforcement agencies,
- To coordinate the law enforcement contribution to the collection of online intelligence related to criminal activities,
- To contribute with staff specialized on cyber issues and participate in the National strategic command of the Ministry of Interior specifically set up for the Olympic Games, and
- To provide advanced or rare technical support staff to other law enforcement forces during their investigations upon request.
What has proven essential for us is to plan this event way in advance, participate in a number of joint exercises, and share cyber criminal intelligence with partners around the world, but also with a rich network of partners in the country coordinated by ANSSI, our national cyberdefense agency.
As a key supporter of our Global Cyber Alliance advisory network, what are your views on the role that nonprofits like GCA and the role of the nonprofits working with you play to make the Olympics pass without incident?
Éric Freyssinet: We have developed partnerships with a number of not for profit organisations in France and around the world over the years and they have not only contributed to help us better prepare the social and economic fabric for the risks ahead of us in general, and for the Olympic Games of course, but they are also an essential relay for distributing the right information to the various audiences in the tense period during those last months before the Games, to keep everybody up to date and mobilized.
Improving cybersecurity requires government and private-sector action. Do you have any examples of public-private collaboration to ensure a safe and secure Olympic Games?
Sophie Lambert: To give one example of the contribution of not for profits, the French InterCERT – a network of over 100 CSIRTs around the country – is playing an essential role in facilitating the exchange of information relating to cyber events and allowing ANSSI (*) and the law enforcement community to be informed as soon as a risk emerges. At the same time, the community as a whole is able to protect their own constituents in the various territories and economic sectors.
There is a significant increase in attacks against European infrastructure, and the electoral process triggered alerts of disruption campaigns. Many are talking about cyber conflict having reached a turning point. What can be done to ease the problem at a national and global level?
Éric Freyssinet: With regards to the attempted disruption of our democracies through disinformation campaigns, the French government has set up a dedicated organization which is monitoring and investigating those attempts called VIGINUM. This has allowed the community to have better insight into the functioning of those campaigns and raise awareness of the various actors. A number of reports were made public. Looking at those issues and taking into account the specificities of one country is important, but at the same time, just like what we do fighting cybercrime, this can only be efficient if knowledge and analyses are shared with partners including at a European or international level.
Knowing about the issue is thus essential; it helps to reduce its impact by explaining to the public. Of course, we must also keep working for a safer environment globally, but above all we need to build better resilience inside our economies and societies. For instance this means that a company targeted by a disinformation campaign must learn to communicate transparently on the issues and at the same time not to overreact. This also means that we need to better educate the public and officials about the functioning of those campaigns and how the public debate can be manipulated. We also need to keep working with the major digital actors to find innovative protections for their platforms not to be abused in this way, in a balanced and transparent fashion in order to protect our freedom of speech.
Despite the critical role of international organizations, nonprofits, and volunteers in ensuring critical services and protecting Internet infrastructure, our cybersecurity is not considered a universal right. What do you think of our global initiative, Common Good Cyber, and how can we ensure a sustained funding mechanism for organizations and individuals that help to maintain critical components of the Internet?
Eric Freyssinet: Looking at our experience with joint projects built through not for profit organizations, and maybe before and above the issue of funding, what I believe is crucial is to build organizations that have a clear focus and not only share the same objective, but also the same values. Those values have to be translated into very practical objectives, describing the roles and commitments of all partners. My advice would thus be to always create the conditions for that shared mission statement and commitment to the community.
Thus, in the context of the Common Good Cyber initiative, I really encourage organizations to have a dialogue on how they build that trust, make it grow so that everything comes down naturally through the dedicated involvement of all partners – public and private partners who join naturally the effort, the demonstrated needs for funding and transparency on the results, as well as what we all need to improve.
(*) ANSSI’s cyber threat analysis report ahead of the games can be accessed here.
Related articles:
France’s Gendarmerie Nationale partners with GCA.
Previous interview on our Global Series: