Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

Britain’s GCHQ Hacked Belgian Telco: Report

The Spiegel reports that the cyber-attack against the half-state owned telecommunications provider Belgacom was an operation executed by the UK’s GCHQ, based on documents leaked from Edward Snowden.

The Spiegel reports that the cyber-attack against the half-state owned telecommunications provider Belgacom was an operation executed by the UK’s GCHQ, based on documents leaked from Edward Snowden.

According to a “Top Secret” Presentation by GCHQ, the project has the codename “Operation Socialist” with the mission to enable “improved surveillance of Belgacom” and to better understand the providers infrastructure.

While the Presentation is undated, another document states that GCHQ has had access since at least 2010.

Belgacom became aware of the attack after initiating an internal review after the NSA Spying revelations. The EU Commission, the Council of Europe and the European Parliament are Belgacom customers.

Initially, the NSA was suspected, but the presentation shows that it was a British operation using surveillance technology developed by the NSA.

According to the presentation, the attack was executed by an attack technique named “Quantum Insertion” (QI), where several Belgacom employees were redirected without their knowledge to malicious websites where the surveillance malware was installed. Several of these victims had “good access” to important parts of the Belgacom infrastructure, according to the Spiegel report.

From there, GCHQ was able to further infiltrate the providers network, and the presentation indicates that one target were the “Roaming routers” which are responsible for international traffic, where a man-in-the-middle attack was intended to be used to spy on smartphone users.

According to the Spiegel, GCHQ’s Network Analysis Center considered “Operation Socialist” a success.

Advertisement. Scroll to continue reading.
Written By

Oliver has worked as a penetration tester, consultant, researcher, and industry analyst. He has been interviewed, cited, and quoted by media, think tanks, and academia for his research. Oliver has worked for companies such as Qualys, Verizon, Tenable, and Gartner. At Gartner he covered Security Operations topics like SIEM, and co-named SOAR. He is the Chief Futurist for Tenzir, working on the next generation of data engineering tools for security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Former Barclay’s CISO Oliver Newbury has joined ransomware protection firm Halcyon as a strategic advisor

Stephanie Crowe has been appointed head of the Australian Cyber Security Centre (ACSC).

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.