GCHQ infected Belgium’s largest telecom company with spyware

Graham Cluley

GCHQEarlier this week, Belgacom – Belgium’s largest telecommunications company – revealed that it had been hacked, and that an “unknown virus” had been found on its computer systems.

Now the mystery of who was responsible for the hack appears to have been revealed. And it wasn’t traditional cybercriminals. It was the UK’s intelligence service, GCHQ.

The revelations are made by Der Spiegel which has received top secret slides from GCHQ’s Network Analysis Centre (NAC), via whistleblower Edward Snowden related to an attack dubbed “Operation Socialist”.

Operation Socialist

In all likelihood, the Belgacom staff who were targeted didn’t realise that the “Quantum Insert” spyware was being silent planted onto their computers, after they visited boobytrapped websites. Once in place, the malware could secretly spy upon their activities, stealing passwords and other documents and installing further code at the behest of its remote operators.

The slides indicate that the British authorities were pleased with the “good access” their infiltration had achieved.

The leaked slides refer to CNE (Computer Network Exploitation), and appear to detail a successful attempt to compromise Belgacom’s infrastructure for the purposes of MITM (man-in-the-middle) attacks on smartphone users.

Whoever put the slides together has added some natty clipart to denote the success of the operation:

Operation Socialist success

It appears, as I described earlier this week, that the goal of the intrusion was to snoop on BICS (Belgacom International Carrier Services), which provides wholesale carrier services around the world to wired and wireless operators, carrying communications for the likes of Syria and Yemen.

Belgium and the United Kingdom are, of course, close European partners. We’re not likely to see obvious sabre-rattling over evidence of spying like this – although it’s hard to imagine that the diplomats won’t be hard at work behind closed doors trying to soften tempers.

Learn more in this article in The Register, and in the original report from Der Spiegel.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES