Bernard Barbier, a former head of the French signals intelligence service, shared a few stories with students of CentraleSupélec, the elite engineering school from which he graduated in 1976, at a symposium this summer.
There was that time he caught the U.S. National Security Agency delving into computers at the Elysée Palace, residence of the French president, for example. And flew to Washington to tell them they'd been found out. Or when the Canadians said they -- and the Iranians, the Spaniards, the Algerians and a few others -- had all been hacked by a Frenchman, and they were totally right, although the French government denied it.
These little confessions to the members of a student association at his old school, though, have reached a somewhat larger audience than he may have planned on.
The discussion on June 2 was recorded -- from the front row, so he must surely have been aware -- and found its way onto YouTube later that month. There it lay, largely unremarked, until last weekend when a reporter for French newspaper Le Monde found it and published transcripts of large parts of it. Almost immediately, the original video was taken down. Another has appeared, although the sound has been doctored, purportedly to improve the audio quality.
Barbier's revelations can't really be called a scoop, as the Canadian and Elysée hacks had been widely reported. They have, however, never been officially confirmed.
Until he left to join IT consulting firm Sogeti in 2013, Barbier was head of the signals intelligence division of the French Directorate-General of External Security (DGSE), a post he had occupied since 2006. During that time, he was responsible for transforming the DGSE's spying activities into a tool for mass surveillance. Before that, he had alternated between roles at the French Commission for Atomic Energy and Alternative Energies (CEA) and other posts at the DGSE.
The students quizzed him about two events in particular.
The first concerned the run-up to the 2012 French presidential election, when the DGSE found malware on computers at the presidential residence, the Elysée Palace.
Two years previously, that same malware had been used in an attack on the European Commission, he told them.
By 2012, the DGSE had the means at its disposal to identify the origin of the new attack, Barbier said. He concluded that it could only have been the U.S., and using a technique that, thanks to Edward Snowden, we now know as Quantum Insert.
The following year, he said, the new president sent him to Washington to complain to the director of the NSA, Keith Alexander.
"We were sure it was them. Alexander wasn't happy. In the end, he said, 'Bernard, well done. ... You French are good,' meaning he thought we'd never catch them," Barbier told the students.
Sign up for Computerworld eNewsletters.