Why poor security led to the theft of the Louvre’s jewels.
The recent theft of royal jewels from the Louvre in Paris – including the crown Bonaparte III gave Empress Eugenie, pictured here – provides cause for concern. Or to be precise, 88 million euros’ of concern, for this is the estimated value of the treasures the gang made away with.
While four suspects have been detained, at the time of writing French police still sought the ‘mastermind’ behind the heist. The jewels have also yet to be located. However, given what is coming to light about the security at the Louvre, France’s premier museum and home to the Mona Lisa, it may be that a mastermind is never found.
Why? Because the Paris prosecutor has said the crime was carried out by petty criminals rather than organised crime professionals.
But also, criminal genius doesn’t seem to have been necessary given the password to the museum’s video surveillance ‘server’ was “Louvre.” Or that 61% of the museum’s rooms did not have video camera coverage.
More points to security failings on a considerable scale. A report by France’s National Cybersecurity Agency (ANSSI) found the museum’s network was still running obsolete operating systems, like Windows 2000 and Windows Server 2003, and cited a lack of sufficient antivirus protection.
Worse, holes in the Louvre’s security were flagged way back, with a report drawn up well before the heist saying that managers had preferred to invest in new artworks and exhibitions rather than basic upkeep and protection. The museum began a security audit a decade ago, but the recommended upgrades will not be completed until 2032, the state auditor said last week. The leaked report from France’s Court of Auditors found “repeated postponements of the scheduled modernisation of security systems.”
It wasn’t about the money; as one of the richest of all of France’s museums, the Louvre had the funds necessary to upgrade its security system. It just chose not to. As one French art expert noted, the museum seems to have preferred to spend its “abundant” resources on “eye-catching initiatives rather than basic protection of what it already had in its collection.”
Sadly, nothing I have read about the break-in differentiates a place housing one of the world’s greatest collection of priceless artworks, with far humbler venues with less valuable assets.
For years we in the industry have argued that security should not be a grudge purchase, or a hastily convened measure after the event. Investing in advanced, labour-saving security technology that can alert staff to issues before they become real is vital.
At Reliance High-Tech, my colleagues and I have highlighted constantly to the market about the need to take physical electronic security seriously and ensure it is cyber compliant. It is not just about getting the cheapest installer or technology in to ‘fit and forget’.
We continually promote simple measures like device patching, keeping firmware operating systems up to date and the use of secure digitally encrypted password vaults
I see that French Culture Minister Rachida Dati has called for “swift corrective measures.”
To paraphase another James Bond film, Words are not Enough. The Louvre, like many other organisations, has just learned the hard way that decent security is core to its operations. It needs to take action.
If you would like to talk to an expert or book an audit of your system, please contact info@reliancehightech.co.uk and quote reference ‘Louvre’ with your details. We would be very happy to discuss.
