France Will Hack Its Enemies Back, Its Defense Secretary Says

France's defence secretary Florence Parly had a declaration to make this week: "Cyber war has begun." And she said the Euro nation's military will use its "cyber arms as all other traditional weapons... to respond and attack," as well as setting up a military bug bounty program. From a report: Parly made her pledges during a speech to the Forum International de Cybersecurite (FIC) in the northern French town of Lille. Her speech was on a topic that most Western countries shy away from addressing directly in public. "The cyber weapon is not only for our enemies," said France's defence secretary this afternoon, speaking through a translator. "No. It's also, in France, a tool to defend ourselves. To respond and attack." Her remarks will be seen as moving the debate about offensive cyber capabilities -- not just so-called "active defence" but using infosec techniques as another weapon in the arsenal of state-on-state warfare -- to a new level.

Well, they say MAD worked..

[bobbied]

The problem here is that you have to at least demonstrate that you have the capability to destroy your enemies or it's kind of pointless and very dangerous to try this tactic. You are just asking for trouble if you cannot back it up. I'm thinking this is misguided.

Has France invented something more effective hacking tools than their Maginot line was during WWII? (Asking for a friend...)

Re:Please dont declare war

[bobbied]

You know Hitler did just this, he'd just go on and invade, forget the formality of declaring war. It just wastes time.

In fact, some argue that it was his departure from this principle, declaring war on the USA, that eventually got his head handed to him. Had he not formally got the USA into a war with Germany, it's possible that with the provocation of Japan's bombing of Pearl Harbor the USA would have been content with "Lend Lease" a lot longer, perhaps long enough for Germany to lock up Europe and get Russia to surrender before having to fight the USA on a second front.

But, it doesn't matter. In my estimation, you will have wars where you have them and declaring them isn't but a formality anyway.

Find the real targets before launching, please

[ctilsie242]

With how trivial it is to hide an attack in another country and blame it on another group, I hope France at least gets some surety of whom they are hacking back, because it seems like this can harm innocent parties, or parties which already have been breached.

Also, what is the end goal of "hacking back"? "rm -rf --no-preserve-root /" on the bad guys' machines may sound cool, but the bad guys likely have better backups than 95% of the companies out there and would be back in business in no time. Finding out whom the attacker is? At best, you may net a zombie "client", and maybe find a C&C IP address range.

State on state warfare as in going after another nation's power grid. Oftentimes hacking are asymmetric attacks. There may not be a power grid to speak of in some countries. Others would take that as an act of war, and respond with nukes or other weaponry.

Instead, maybe France needs to take a page from China and other countries, and that would be to see about better firewalling at their physical border routers, so attacks from foreign sources are stopped there, rather than at the hosts themselves. It might be wise to just block entire countries' IP space completely, if it is confirmed without a reasonable doubt that that country has state actors trying to do stuff.

Or, create an organization like UL and have component makers pass basic security testing before it is allowed to be sold, especially IoT stuff. It may not even hurt to make top brass of companies (you know, the guys who say "security has no ROI", then short the company stock before a security breach announcement is made) personally and criminally liable for breaches.

There is a lot countries can do to make themselves less of a target. "Hack them back" just doesn't sound feasible. Way too easy to launch attacks from someone else's territory. One thing countries can do is just not play ball. If Lower Elbonia is always a source of attacks via their state government, block their IP ranges at the routers, and call it done. If a corporation in another country is causing issues due to lack of security, block their range, or put the range in a blackhole list and let the ISPs do the blocking.