"During a thorough investigation of traces of a digital intrusion, we discovered an unknown virus in a number of units in our internal IT-system. In order to eliminate this virus effectively, we decided to clean up the entire system," they shared, adding that the operation was well prepared and has been executed effectively.
They made sure to point out that there is no indication of any impact on the customers or their data and that the delivery of their telecommunication services has not been compromised at any point.
"The virus has only been detected in the internal computer system of Belgacom, not in its telecom network," they said, and after all instances of it have been removed, the company's employees were asked to change their password.
The company has shared that the Belgian federal prosecutor is investigating the intrusion, and they haven't commented on the likely attackers. Belgian PM Elio Di Rupo issued a formal statement, saying that the aim of the intrusion was not sabotage but the collection of "strategic information".
He also said that the technology used for the attack seems to indicate that another country might be behind it.
"If this hypothesis is confirmed and it is indeed cyber espionage, the Government strongly condemns this intrusion and violation of the integrity of the public company," he stated, adding that if this proves to be true, they will take "appropriate action".
At a press conference, both Belgacom CEO Didier Bellens and Jean-Pascal Labille, the Belgian Minister of Public Enterprises and Development Cooperation, have declined to comment on which foreign country might be behind the attack and said they didn't know how long the telecom's systems have been compromised.
According to Dutch news-site NRC and their "well-informed" sources, the compromise dates back to 2011, and the complexity of the malware suggests that the British and American intelligence are likely the culprits.
"The hackers were interested in Belgacom International Carrier Services (BICS), a support service that delivers traffic between telecom companies. BICS, a joint venture with Swisscom and MTN South African telecommunications company, is a global player and one of the largest service providers in Africa and the Middle East," explained the journalists, adding that the attackers have managed to break into the infrastructure of the BICS and were able to access telephone and data traffic from countries like Syria and Yemen.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.