Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

Britain’s GCHQ Hacked Belgian Telco: Report

The Spiegel reports that the cyber-attack against the half-state owned telecommunications provider Belgacom was an operation executed by the UK’s GCHQ, based on documents leaked from Edward Snowden.

The Spiegel reports that the cyber-attack against the half-state owned telecommunications provider Belgacom was an operation executed by the UK’s GCHQ, based on documents leaked from Edward Snowden.

According to a “Top Secret” Presentation by GCHQ, the project has the codename “Operation Socialist” with the mission to enable “improved surveillance of Belgacom” and to better understand the providers infrastructure.

While the Presentation is undated, another document states that GCHQ has had access since at least 2010.

Belgacom became aware of the attack after initiating an internal review after the NSA Spying revelations. The EU Commission, the Council of Europe and the European Parliament are Belgacom customers.

Initially, the NSA was suspected, but the presentation shows that it was a British operation using surveillance technology developed by the NSA.

According to the presentation, the attack was executed by an attack technique named “Quantum Insertion” (QI), where several Belgacom employees were redirected without their knowledge to malicious websites where the surveillance malware was installed. Several of these victims had “good access” to important parts of the Belgacom infrastructure, according to the Spiegel report.

From there, GCHQ was able to further infiltrate the providers network, and the presentation indicates that one target were the “Roaming routers” which are responsible for international traffic, where a man-in-the-middle attack was intended to be used to spy on smartphone users.

According to the Spiegel, GCHQ’s Network Analysis Center considered “Operation Socialist” a success.

Advertisement. Scroll to continue reading.
Written By

Oliver has worked as a penetration tester, consultant, researcher, and industry analyst. He has been interviewed, cited, and quoted by media, think tanks, and academia for his research. Oliver has worked for companies such as Qualys, Verizon, Tenable, and Gartner. At Gartner he covered Security Operations topics like SIEM, and co-named SOAR. He is the Chief Futurist for Tenzir, working on the next generation of data engineering tools for security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

CISO Strategy

The SEC filed charges against SolarWinds and its CISO over misleading investors about its cybersecurity practices and known risks.

Cybercrime

A global cyber espionage campaign has resulted in the networks of many organizations around the world becoming compromised after the attackers managed to breach...

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...