Belgacom was breached by Britain's GCHQ
Posted on 20 September 2013.
Earlier this week, the primarily state owned Belgacom - the largest telecom in Belgium, with customers such as the European Commission, Council and Parliament - has made public the fact that their internal computer system have been breached by an "unknown third party".


The company involved the Belgian federal prosecutor in the investigation, and Belgian PM Elio Di Rupo stated that the technology used for the attack seems to point towards an espionage effort mounted by a foreign state.

And while Belgacom CEO and the Belgian Minister of Public Enterprises and Development Cooperation to speculate which state might be involved, "well-informed" internal sources fingered the UK and the US as the likely attackers.

Today, the German Der Spiegel reported about perusing documents leaked by NSA whistleblower Edward Snowden, among which was a presentation that indicates Britain's GCHQ intelligence service is the perpetrator of the attack.

"The presentation is undated, but another document indicates that access has been possible since 2010," the reporters noted. "The document shows that the Belgacom subsidiary Bics, a joint venture between Swisscom and South Africa's MTN, was on the radar of the British spies."

The codename of the successful effort is "Operation Socialist", and its goal was to enable better exploitation of the company and understanding of its infrastructure.

They did so by targeting a number of Belgacom employees, attempting to redirect them to malware-laden sites where they would pick up backdoor Trojans or other malware that would allow the attackers to remotely manipulate their computers.

Having achieved that, the agents were able to access important parts of the company's infrastructure, to (from there) attempt to access the rest - such as the company's central roaming router that processes international traffic - and ultimately to mount Man-in-the-Middle attacks targeting smartphone users.









Spotlight

Intentional backdoors in iOS devices uncovered

Posted on 22 July 2014.  |  A researcher has revealed that Apple has equipped its mobile iOS with several undocumented features that can be used by attackers and law enforcement to access the sensitive data contained on the devices running it.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //