LONDON – French Defence Secretary Florence Parly told the Forum International de Cybersecurite in Lille, France that “cyber war has begun.” She said that France would use cyber attacks alongside traditional weapons and that it will set up a military bug bounty program.
Offensive Cyber Security
Speaking Wednesday, Ms. Parly declared that, for France, cyber weapons “are a tool to defend ourselves. To respond and attack.” It is the attack bit that is likely to get the most attention. Ms. Parly said France had “published the main lines of that [offensive] doctrine” last week. This is something that the UK, for example, is far more circumspect about doing (via The Register).
Ms. Parly called for “more co-operation and partnerships and convergence with our European allies.” She said this is necessary as the cyber threat “has no border.”
Military Bug Bounty Program
The French Defence Secretary revealed that France will shortly launch a military bug bounty program. She said: “At the end of February we are going to announce the first bug bounty of the MoD [Ministry of Defence]. Ethical hackers were recruited in the cyber operational research [department] and they’re going to track down the faults of our systems. If they find some they will be rewarded for it.”
Britain’s National Cyber Security Centre works with the HackerOne platform to give researchers the chance to tell them about Government website vulnerabilities. Its vulnerability reporting services went live in November 2018. However, a blog post by an NCSC Vulnerability Disclosure Lead about the program did not mention a bounty.