France Blames Russia for Cyberattacks Targeting Macron’s Election Campaign
La France affirme avoir été la cible d’opérations de piratage informatique menées par la Russie lors de la campagne présidentielle d’Emmanuel Macron, pointant du doigt des tentatives d’ingérence numérique visant à déstabiliser le processus démocratique.
Tl;dr
- France accuses Russian GRU of cyberattacks since 2015.
- APT28 targets key institutions and elections.
- Threats escalate ahead of Paris 2024 Olympics.
Growing Cyber Threats Targeting France
Over the past several years, France has faced mounting digital hostility from the Russian military intelligence agency, known as the GRU. On April 29, 2025, French diplomat Jean-Noël Barrot sounded a new alarm: these cyber operations are not just occasional events but form a persistent strategy aimed at destabilizing the country’s political and economic core. Most notably, attacks have targeted both high-profile events—like the 2017 presidential campaign—and critical infrastructure.
The APT28 Modus Operandi
Behind these sophisticated intrusions is a familiar adversary to Western cybersecurity experts: APT28, also referred to as « Fancy Bear ». This group, tied directly to the GRU, has been under scrutiny for years. Their methods? Persistent and technically advanced, often involving phishing campaigns and malware designed to infiltrate sensitive networks. As Barrot explained, both the United States and the European Union have sanctioned individuals and organizations associated with APT28 for their repeated attempts to sway public opinion.
One need only recall the accusations following the American presidential election in 2016. Then, APT28 was alleged to have leaked thousands of emails from the Democratic Party, with an eye towards tipping the scales in favor of Donald Trump. That same approach surfaced in France two years later.
The « Macron Leaks »: France’s Own Election Interference Case
The French presidential race in 2017 became a focal point for foreign interference. During those tense weeks, APT28 orchestrated what has since been dubbed « Macron Leaks »—the theft and mass publication of confidential documents belonging to Emmanuel Macron‘s inner circle. The operation’s goal was clear: sow confusion and undermine trust just before voters headed to the polls. Despite this digital offensive, Macron ultimately prevailed.
A Broader Pattern Ahead of Paris 2024 Olympics
In response to intensifying threats, France opted for transparency by releasing a detailed report from its national cybersecurity agency, the Anssi. This document catalogues incidents from 2021 through late 2024. Several elements explain this escalation:
- APT28’s expansion into new sectors: Ministries, local governments, defense firms.
- Aim at economic and financial infrastructure.
- Sport organizations involved in Olympic preparations targeted.
These coordinated actions highlight an evolving threat landscape—not merely isolated hacks but sustained campaigns with strategic intent.
While French authorities remain vigilant—and somewhat concerned—the country’s experience underscores how central cybersecurity has become on today’s geopolitical stage. As Paris prepares for the Olympic spotlight, resilience against digital incursions will be tested as never before.