Belgium's largest telecoms company says it was hacked

Belgacom, the largest telecoms company in Belgium, has announced today that its systems were hacked into, and that it found "an unknown virus in a number of units in [its] internal IT-system."


Belgacom - which handles some of the undersea cables that carry voice and data traffic around the world - is naturally keen to reassure its customers, and its FAQ says that "thus far" it has found no evidence that users' data or communications were impacted by the hack.

Has there been any damage for your customers?
No, thus far we have no indication of any impact on our customers or their data. The virus has only been detected in the internal computer system of Belgacom, not in its telecom network.

According to the telecom company's official statement (quaintly titled "Belgacom takes actions related to IT security", presumably in an attempt to make the story sound as un-sexy as possible), the unknown malware was found on "a few tens" of employee workstations. Dozens of employees worked over the weekend ensuring that affected systems were cleaned up.

So far, it doesn't sound *that* worrying. Companies find malware on their computers all the time, and it sounds like they were able to clean up their systems without too much pain, although there remains a concern about what information might have been taken while the "unknown virus" was in place.

But wait a minute.

Some media reports have tried to shed more light on the story, saying that well-informed sources have confirmed that Belgacom's systems were bugged for more than two years, most probably by the USA or the United Kingdom's GCHQ.

Could the hackers have been interested in BICS (Belgacom International Carrier Services), which provides wholesale carrier services around the world to wired and wireless operators, and service providers?

As Giga OM explains, if BICS had been compromised, it might help intelligence agencies to gather data on communications coming from the likes of Syria and Yemen.

Frankly, there's not enough information available at the moment to put together a convincing case for NSA or GCHQ involvement in the hack. And it's certainly not an avenue of discussion that Belgacom are likely to be comfortable travelling down.


One Response

  1. \\`h1t3Rabbit

    September 17, 2013 at 6:16 am #

    Come on Graham – don't feed into the FUD of the NSA/GCHQ flames. Occam's razor is probably applicable here, and the most simple answer is that malware has been persistent on the machines (like probably everywhere else) and it needs to be cleared up – UNTIL such time as we have evidence to the contrary we shouldn't treat this as an international conspiracy without hard evidence.

    // @Wh1t3Rabbit
