Belgium ISP under cyberattack by British intelligence

By EDRi · September 25, 2013

Edward Snowden’s opened Pandora box keeps revealing extended eavesdropping of intelligence services. As some new leaked documents and slides show, Belgium ISP Belgacom, which includes as customers the European Commission, the European Council and the European Parliament, was targeted by GCHQ, the British intelligence service.

On 16 September 2013, Belgacom expressed concern regarding an intrusion into its IT systems, having discovered an unknown virus which, according to Prime Minister Elio di Rupo, suggested “high-level involvement by another country”.

Der Spiegel revealed on 20 September 2013 that some leaked slides from Edward Snowden indicate the existence of GCHQ’s “Operation Socialist” which was meant to “enable better exploitation of Belgacom” and which targeted Belgacom employees with high-level access, by using the attack technology called “Quantum Insert”. This appears to be a method to redirect the targeted person, without their knowledge, to websites that plant malware on their computers.

According to another document, access has been possible since 2010 and the British intelligence have had their eyes and ears especially on Belgacom subsidiary BICS, a joint venture between Swisscom and South Africa’s MTN, which provides wholesale carrier services to mobile and fixed-line telcoms internationally, including hot areas such as Yemen and Syria. The goals of the agency included mapping of BICS network to understand Belgacom’s infrastructure and to investigate VPN links from BICS to other telecoms providers. According to the leaked slides, this exercise has been successful and an undated document states that GCHQ was on the verge of accessing the Belgians’ central roaming router that processes international traffic, or complex attacks (“Man in the Middle”) on smartphone users.

GCHQ stated it would not comment on the leaks or on intelligence matters. Belgacom has stated the intrusion did not compromise the “delivery” of communications and that they filed a complaint “against an unknown third party and have granted since then our full support to the investigation that is being performed by the Federal Prosecutor.”

Latest Snowden reveal: It was GCHQ that hacked Belgian telco giant (20.09.2013)

GCHQ ‘Hacked Belgium ISP Belgacom’ (20.09.2013)

Belgacom Attack: Britain’s GCHQ Hacked Belgian Telecoms Firm (20.09.2013)