Emmanuel Macron won France’s presidential election in a landslide. He defeated his opponent, Marine Le Pen, by more than thirty percentage points. Such a high margin might lead one to think that his victory was inevitable. But on the eve of the election, it did not seem that way.
On the Friday before the Sunday election, hackers released a trove of documents they had stolen from the Macron campaign. The leak seemed like a repeat of the DNC leaks during the U.S. presidential election. But unlike the Clinton campaign, Macron’s team was ready.
In December, as Macron was growing in popularity, his campaign began to receive phishing e-mails. They were of “high quality,” according to Mounir Mahjoubi, Macron’s digital director. They appeared to be sent by Macron staffers; one was even sent under Mahjoubi’s own name. The e-mails contained links to sites that resembled official ones—e.g., en-nnarche.org vs. en-marche.org. Those links lead to fake sign-in pages, which were, in Mahjoubi’s words, “pixel perfect.”
Aware that these were phishing e-mails, the Macron team engaged in a “counteroffensive” strategy. They generated slews of false e-mail accounts and fake campaign documents. Then, they entered the login credentials for those fake accounts into the false sign-in pages.
This didn’t prevent the leak, but it slowed the hackers down. Inundated with documents, many of them false, the hackers took longer to sift through what they stole to find anything worth leaking. It also blunted the impact of the eventual leak. Though the hackers did manage to steal and disclose authentic campaign documents, they were lost in the mix with the fake ones. Macron’s team was able to point out those fake documents to discredit the entire leak.
To be sure, other important factors helped make the election-eve leak a dud. French law prohibits journalists from reporting on an election in the 44 hours leading up to it. (Imagine a law like that in the United States!) Hackers released the documents just before the start of that 44-hour period. Journalists were not allowed to report on the leak, and the candidates were not allowed to publicly address it. On Sunday, Macron won.
Macron’s success shows how awareness and preparation can defeat even the most targeted cyber attacks. Read quickly, en-nnarche.org and en-marche.org appear to be the same website. The e-mails themselves seemed official and appeared to be from a familiar sender. Only a careful reader, attuned to the potential risks of receiving these sham e-mails, could have avoided falling for the false links they contained.
Soon, Germany will hold its parliamentary elections, and already the Germans are fortifying their cyber defenses. On May 3, 2017, Germany announced plans to add a cyber division to its military and recruit up to 13,500 “cyber soldiers.” France made a similar move last January.
But the French election shows that Germany may need more than a cyber army to stop meddling hackers. Ingenuity and preparedness on the part of the campaigns, like that displayed by the Macron team, will also be necessary.