Goodbye to the Central Office for the Fight against Crime Linked to Information and Communication Technologies (OCLCTIC), hello to the Anti-Cybercrime Office (Ofac). Nearly two months after the formal creation of this structure, the national police has just revealed the outlines of its new judicial spearhead in the fight against cybercrime.
The new structure merges the former sub-directorate for the fight against cybersecurity and the former central cyber office with its endless acronym. It must be, explained the head of Ofac, Controller General Nicolas Guidoux, synonymous with “simplification” and “more efficiency”. How ? By integrating more technical profiles into legal investigations.
Concretely, the new structure based in Nanterre (Hauts-de-Seine) has 180 people, including around twenty specialized engineers. It brings together four centers dedicated to investigations, operational support, intelligence and the detection of cyber threats. Ofac, whose deputy head is divisional commissioner Cécile Augeraud, the former boss of OCLCTIC, should have 220 people in 2027, according to projections from the national police “cyber plan”.
Eleven antennas
The Ofac cyber-investigations center is therefore made up of two sections. The first is dedicated to cyber attacks, from ransomware to data theft. The second is responsible for the fight against criminal services, whether black markets or encrypted communication networks such as Sky-ECC or Encrochat.
In addition to providing tools, the support center is responsible for training and setting up a technical platform to make the data speak. The intelligence center has an analysis department, and it is also the international point of contact. Finally, the detection center brings together the two Pharos and Thésée platforms. Established in March 2022, this online complaint system aims to centralize complaints for cases of online fraud, blackmail, and extortion.
The new central office will be able to rely on its eleven territorial branches to improve responsiveness. That is around 200 agents at the moment, around 500 within three years. This presence in the region “is an important issue: if there is ransomware in Marseille or Brittany, we have people ready to respond on the ground,” points out Nicolas Guidoux.
2023 review
If the year 2024 promises to be placed under the sign of Olympism with the Paris Games, a major event which should be synonymous with attempted fraud or computer attacks, the national police have recalled the outcome in 2023 several major cases, from Hive ransomware to Qakbot malware.
Last December, the police managed to arrest in Paris, thanks to cross-checks between crypto-asset portfolios and open source research, a person suspected of being one of the secret bankers of the Hive ransomware gang. . This mafia franchise was dismantled in January 2023 after approximately two years of malicious activity.
Last August, the French police also participated in the dismantling of the Qakbot malware, with the seizure of six servers. However, the police also saw last year one of their investigations flop in court, with the acquittal of the two brothers prosecuted in the siphoning of funds from the decentralized finance platform Platypus, a judgment which the prosecution appealed.
Complementarity with Comcyber-MI
As recalled by a report from the National Assembly, the 14 central offices of the judicial police existing in France are investigative services with national jurisdiction. These structures are responsible for handling the most complex legal cases, centralizing information, coordinating the actions carried out by judicial police services and providing technical assistance.
But if the central offices are usually also responsible for proposing legal developments, this scope differs for the fight against cybercrime due to the sharing of tasks with the brand new Comcyber-MI, competent for this last point. Attached to the national gendarmerie, this cyber service with national competence of the Ministry of the Interior is also responsible for strategy, the management of rare skills and training. “The missions of Comcyber-MI are complementary to Ofac,” assures Nicolas Guidoux.
In a recent report, the Court of Auditors called for better cooperation between the police, the gendarmerie, which houses the national cyber unit, the new name of the Center for the Fight against Digital Crime (C3N), and the Paris police headquarters, whose specialized service is the cybercrime brigade (BL2C). The General Directorate of Internal Security finally plays an important role in cyber investigations, its judicial services being referred to hacking cases targeting State networks or operators of vital importance.