UK's GCHQ blamed for cyber attack on Belgian telecoms company
The agency was named in the latest revelations from NSA whistleblower Edward Snowden
Cahal Milmo is the chief reporter of The Independent and has been with the paper since 2000. He was born in London and previously worked at the Press Association news agency. He has reported on assignment at home and abroad, including Rwanda, Sudan and Burkina Faso, the phone hacking scandal and the London Olympics. In his spare time he is a keen runner and cyclist, and keeps an allotment.
Friday 20 September 2013
Britain is facing a damaging public clash with a European ally after GCHQ was blamed for a cyber attack on Belgium’s largest telecommunications company and the country’s prosecutors announced they were treating the incident as “state-sponsored espionage”.
The Cheltenham-based eavesdropping agency was named in the latest revelations from American whistleblower Edward Snowden as the origin of a sophisticated assault on Belgacom, whose customers include the European Commission and the European Parliament.
An alleged internal GCHQ presentation, marked “Top Secret” and leaked by Snowden, suggests that British intelligence officers targeted Belgacom employees over a number of years with sophisticated malware to gain access to key infrastructure, including the company’s international router.
Prosecutors in Brussels said that initial investigations showed there had been an attack on Belgacom which could only have been possible with “significant financial and logistical backing”. When combined with the complexity of the techniques deployed, this indicated an “international state-sponsored espionage operation,” investigators said.
The Belgian authorities and politicians yesterday stopped short of pointing the finger directly at Britain but the country’s prime minister said the revelations from former National Security Agency contractor Snowden, published by Der Spiegel, were being “closely examined” and warned of unspecified retaliation if the attack was proven.
Elio di Rupo said: “If the hypothesis involving another country is confirmed, we will of course undertake the necessary steps.”
The allegations are the latest in a raft of damaging revelations flowing from Snowden’s document cache, which has exposed the depth of Anglo-American operations to gain access to vast quantities of email and telecommunications traffic across the globe.
The NSA has been implicated in operations ranging from interception of the emails and phone calls of Brazilian president Dilma Rousseff to inserting “back doors” into computer hardware. But confirmation that Britain has been hacking the phone system of a close ally - and the host nation for key European Union institutions - would be also highly damaging.
GCHQ said last night that it had a “longstanding practice” of not commenting on leaks or intelligence matters.
But a spokesman added: “All GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that its activities are authorised, necessary and proportionate, and that there is rigorous oversight.”
The latest documents from Snowden, which appear to date from around 2010, detail “Operation Socialist”, an assault on Belgacom’s “core GRX routers” - the hardware used by mobile phone companies to make calls between different networks and different countries possible.
The slideshow presentation states that GCHQ’s alleged aim was to undertake “Man in the Middle” or “MiTM” operations “against targets roaming using smart phones”.
Man in the Middle attacks are a highly-sophisticated deception which allows a third party to intervene in an electronic conversation and pretend to be each of the other two parties, obtaining valuable information or spreading disinformation without the targets realising.
One of the slides appears to confirm that several Belgacom networks have been compromised, boasting that access “continues to expand” and GCHQ is “getting close” to accessing the routers. The presentation concludes with a large logo featuring construction cranes and the word “success”.
Belgacom and one of its subsidiaries jointly owned by Swiss and South African companies, which also appears to have been targeted, confirmed it had been the victim of a “digital intrusion” on its internal computer network but insisted there was “no indication” that customer data including emails or conversations had been accessed.
There was speculation yesterday that although the company, which is partly state-owned, handles communications involving EU institutions, GCHQ’s alleged interest may have been in users of its international networks linked to Middle Eastern countries such as Syria and Yemen.
Belgian prosecutors, who were called in by Belgacom earlier this summer, said preliminary investigations showed several servers and work stations had been affected by the attack.
In a statement, the Federal Prosecutors office in Brussels said: “Based on the information currently available, the aim of the hacking seems to be more to gather strategic information and not to commit acts of sabotage or cause economic damage.”
- 1 Woman accidentally shoots herself in the head while posing for a selfie
- 2 Isis burns woman alive for refusing to engage in 'extreme' sex act, UN says
- 4 Female Muay Thai champion hustles coaches to give them a beating
- 5 16-year-old girl beaten and burned alive by lynch mob in Rio Bravo, Guatemala
Isis burns woman alive for refusing to engage in 'extreme' sex act, UN says
Purity balls: Girls in the US making virginity pledges as fathers vow to 'protect purity'
Female Muay Thai champion hustles coaches to give them a beating
Puerto Rico, island of lost dreams: People are leaving the debt-hit territory in droves as near neighbour Cuba's star rises
16-year-old girl beaten and burned alive by lynch mob in Rio Bravo, Guatemala
As a white man, I'm surprised more women aren't tweeting the hashtag #KillAllWhiteMen
Scotland may have to leave the EU even if it votes to stay in, David Cameron confirms
The day that Britain resigned as a global power
Almost a third of school pupils believe 'Muslims are taking over our country', study claims
SNP fury as HS2 finds 'no business case' for taking fast train service to Scotland
Gay marriage 'Bert and Ernie' cake bakery found guilty of discrimination in Northern Ireland
£40-50K: Guru Careers: We are seeking an experienced Software / C# Developer w...
£35 - 40k + Benefits: Guru Careers: We are seeking a Software Developer (JavaS...
£18000 - £23000 per annum + Commission: SThree: As a Trainee Recruitment Consu...