September 21, 2013
Another day, another report on a leaked Snowden document, this time showing how the UK’s GCHQ, using technology from the NSA, gleefully hacked into Belgian telco giant Belgacom’s system.
According to the slides in the GCHQ presentation, the attack was directed at several Belgacom employees and involved the planting of a highly developed attack technology referred to as a “Quantum Insert” (“QI”). It appears to be a method with which the person being targeted, without their knowledge, is redirected to websites that then plant malware on their computers that can then manipulate them. Some of the employees whose computers were infiltrated had “good access” to important parts of Belgacom’s infrastructure, and this seemed to please the British spies, according to the slides.
The documents also suggest that GCHQ continued to probe the areas of infrastructure to which the targeted employees had access. The undated presentation states that they were on the verge of accessing the Belgians’ central roaming router. The router is used to process international traffic. According to the presentation, the British wanted to use this access for complex attacks (“Man in the Middle” attacks) on smartphone users. The head of GCHQ’s Network Analysis Centre (NAC) described Operation Socialist in the presentation as a “success.”
Once again, despite various denials, it appears that the NSA/GCHQ have been hacking intocompanies, rather than directly targeting individuals or terrorist organizations. This leads to questions about the possibility of economic espionage, but also about using these hacked systems for further attacks. As the report notes, this could be especially concerning, given that Belgacom serves the EU Parliament, the EU Council and the EU Commission — all of whom have been named as “targets” of the NSA (and, by extension, GCHQ, even as the UK is a member of the EU).
As I’ve said in the past, I’m a lot less disturbed by intelligence gathering on foreign politicians — that’s just standard every day expected espionage activity. However, hacking into companies to do that espionage begins to cross some very questionable lines that could lead to massiveeconomic harm, as well as the ability to mask the surveillance by government agencies as somehow being the fault of those companies.