IT staff spent the weekend in a massive cleanup operation to remove traces of a "spectacular" attack on computers at Bercy, the headquarters of the French Ministry of Economy, Finances and Industry, a government minister said.
"There was an attack on the computer systems at Bercy," Budget Minister François Baroin said in an interview on radio station Europe 1. "It's probably the first time it's been as spectacular as this."
Staff at the ministry had suspected for some time that something was amiss, but it was only recently that the General Secretariat for Defence and National Security confirmed their suspicions, Baroin said. That organisation may release more details later in the week, he said.
"The attack was blocked this weekend, and an enormous maintenance programme was carried out at Bercy to clean all the systems," he said.
The attackers broke into mailboxes and servers over the course of several weeks. There is no sign that personal tax files were targeted, he said.
The attack was probably from outside France, according to Baroin: "We have some leads, but at this stage it's impossible to confirm them," he said. "What's important now is to identify the origin of the attack, to find out how it happened and to put in place stronger defences to dissuade a future attack."
"What was targeted, it seems, was the organisation of the G20 as, so it seems, happened during the organisation of the previous G20," he said. In October, news reports claimed that the G20 conference in Seoul was targeted by North Korean hackers.
The G20 meetings brings together the finance ministers and central bank governors of 19 countries and the European Union. In addition to the EU, the G20 members are Argentina, Australia, Brazil, Canada, China, France, Germany, India, Indonesia, Italy, Japan, Mexico, Russia, Saudi Arabia, South Africa, South Korea, Turkey, the UK and the US.
The latest incident, Baroin said, shows that companies are not the only targets of economic espionage: It can also happen to states. "This is just one more incident, a confirmation that we, too, need to protect our IT systems," he said.