Confessions of a master of French intelligence
This is an unexpected intrusion into a world forbidden from public view : the intelligence and secret wars. Faced with the school's students Centrale-Supélec engineers, from which he came, Bernard Barber, one of the most important figures of the French espionage of last decade, has unveiled mysteries we thought insoluble. In this talk, he has broken transparency on some of the key recent espionage cases that have affected France. He broke taboos, especially in describing the Chinese attack on Areva and confirming the responsibility of France behind a global computer attack detected by Canadian services.
Mr Barbier, who was from 2006 to 2014 counterpart director of the National Security Agency (NSA), as head of the technical department of the Directorate General for External Security (DGSE), began his career at Commissariat for Atomic energy (CEA). Within the DGSE, he obtained in 2008 a budget of 500 million euros and 800 new posts for one of the greatest revolutions of the French intelligence: create a massive data collection system replacing France in the race in modern espionage.
Surprisingly, the content of his speech, delivered in June on the school campus in Châtenay-Malabry (Hauts-de-Seine) and the filmed record of which we were able to watch, had no public response. However, the intelligence community and its main figure, Bernard Bajolet, the head of the DGSE, had all summer to be offended by these statements that show no doubt that the real secrets are not perhaps where it is believed. Excerpts.
The truth about computer attack against the Elysee in 2012
To date, it was only suspicion. The Americans could have played a role in the hacking of the computers of employees of the head of the French state, at the time Nicolas Sarkozy, discovered between the two rounds of presidential elections, in May 2012. An internal memo from the NSA, revealed by Le Monde in fall 2013 and preparing the visit, on 12 April 2013, of two senior French officials, including Mr. Barbier, came to account Americans, was instead suspicions toward Israeli intelligence...
"The head of information security of the Elysee was a former of my leadership at the DGSE, says Mr. Barber. He asked us for help. We saw that there was a malware that had a signature identical to the one we had identified during an attack against the European Community in 2010. There were only Americans and Russians who could have made this first operation. In 2012, we had more resources and technical capacity to work on metadata. I came to the conclusion that this could only be the United States.
This malware also attacked other countries with a revolutionary method which was revealed, in 2013, by Edward Snowden: the "quantum attack". Someone Elysee going on Facebook, but instead of going directly to the server of the social network, the consultation was intercepted by NSA machine that answered instead of Facebook (...), enabling it to enter your computer. This malware was the flaw and allowed to take control of your computer.
I received the order of Mr. Sarkozy's successor to go to the United States and scold them. It was April 12, 2013 and it was really a great moment in my career. We were sure it was them. At the end of the meeting, Keith Alexander [director of the NSA 2005 to 2014], was not happy. While we were on the bus, he said he was disappointed because he thought we never would detect them. And he added: "You are still good." The great allies, they were not spying on them. The fact that the Americans broke this rule was a shock.
When Le Monde was about to publish the internal document of the NSA preparing the visit of 12 April 2013, I asked my correspondent to the NSA in Paris to give me a copy of it. He said he could not, because the level of secrecy of the note is such that only President Obama could declassify. I reacted by saying that ten million French would read this note whereas I did not have access to it. I finally had it a day before its publication. "
Babar or the end of a state secret
Babar, or the end of a state secret
In 2013, Le Monde published a paper unveiled by Edward Snowden revealing that Canadian secret services suspect their French counterparts of being behind a vast hacking operation launched in 2009. If the attack targets a half dozen Iranian institutions related the nuclear program of that country, it also targets Canada, Spain, Greece, Norway, Ivory Coast, Algeria and even some targets in France. About its authors, Canadians were still uncertain: "We believe, with a moderate degree of certainty, that it is an operation on computer networks supported by a State and implemented by a French intelligence agency." On the French side, absolute silence. Paris admits having acquired defensive capabilities, but denies any offensive activity, a taboo. Until Mr. Barbier's story.
"Canadians reverse-engineered a malware they had detected. They found the programmer, who had dubbed his malware "Babar" and signed "Titi". They concluded that he was French. And actually, he was a French (...). We crossed an enormous threshold between 1990 and 1995 when we bought a US Cray supercomputer. We found that with a very large computing power, we could break passwords.
We started hacking in 1992. I built the first state hacking teams, the first soldiers of the French cyber-army. The best have no university education. It's not a problem of knowledge, it's a brain problem. This is someone who, from years 15-16, started hacking. He'll find things and therefore flaws. Today, it's not 100 people we should recruit, it takes 200 to 300. "
The merger of the DGSE and its German counterpart, the BND
Mr Barbier did not simply recount operations. He also mentioned the reluctance of political power against its proposals to respond more effectively to new threats, and in particular his daring project of outlining a European intelligence embryo.
"It is impossible to build a single European intelligence service with twenty-eight countries that do not have the same resources or the same culture. The best, relative to their number of inhabitants, are the Swedes. The Italians are bad. The Spanish are a little better, but do not have means. And the British, with 6500 agents in the GCHQ [the British electronic intelligence] are strong, but are they European? And France is the first force of technical information in continental Europe.
This leaves the Germans, who are strong partners. I worked a lot with them, both in transmitting our know-how but also by providing technical means. The German and French engineers work very well together. However, the British engineer with the French engineer, it's complicated.
To be more effective, I said to politics in France that it was necessary to merge the BND [German Federal Intelligence Service] and the DGSE. It's the only way. That would make a 15 000-people service. The NSA has 60 000 people, and the technical direction of the DGSE, alone, counts 3000 agents. But French politics never responded."
A revolution in the secret of the DGSE
During his presentation, Bernard Barbier has shown the key role now played by the technical direction in the fight against jihadist circles and modern espionage.
"Having human intelligence on jihadist networks is almost impossible. Members [of these networks] work only with people they know. In the direction we were already aware in 2012 that some French wanted to return to France to do the jihad. On several occasions in 2013, my team had already made me listen to interceptions of French in Syria talking to their families or relatives, clearly evoking their project to come to France (...).
I managed to convince the "action" service to work with my technical direction during a first joint operation in July 2010 on a team that wanted to blow up the embassy of France in Nouakchott, Mauritania. We showed the military that, thanks to satellites, we could make a 3D model of their place of intervention [a jihadist camp] in the middle of dunes, and thus enable them to virtually choose their path. They eliminated them as they were waking up.
This collaboration was a real revolution in the DGSE. For me, as an engineer, it was fundamental. For commandos, bringing people of other services with them, it was a revolution. For their absolute rule is: "I do everything myself.". In appreciation for the success of the operation, the head of the Action Service offered me a Kalashnikov taken from the jihadists."
Edward Snowden, "a traitor who helped us rather"
Finally, asked about the most famous whistleblower in the history of intelligence, Mr Barbier made an unexpected nuance to the official discourse usually held sbout Edward Snowden, highlighting the services given to France.
"For me, Snowden is a traitor to his country, but he has nothing to do with Julian Assange [WikiLeaks founder]. The Americans had made Snowden, a contractor outside of the NSA, a system administrator. While those who do this job at the DGSE are officials who have between fifteen and twenty years of seniority. The likelihood of having a Snowden in France is very low. Snowden showed that espionage existed between allies and that hardware was hacked by the Americans like the on sold by Cisco, which poses a problem of independence on technology. As such, Snowden was rather helpful to us. "