The hacking of computers at Belgian telecom Belgacom, alleged to have been carried out by British intelligence agency GCHQ, was more far-reaching than previously thought and went undetected for more than two years, according to reports published on Saturday (13 December).
News of the intrusion into Belgacom’s networks first broke late last year when Belgium asked Britain, its NATO and European Union partner, to respond to allegations that its intelligence service was responsible.
Belgian newspaper De Standaard, Dutch paper NRC Handelsblad, and The Intercept website, which regularly reports on documents leaked by former US security contractor Edward Snowden, published detailed accounts on Saturday of how the scheme is alleged to have worked.
“In its digital attack on Belgacom, the British secret service was able to intercept more communications than was previously realised,” De Standaard said.
It said British surveillance agency GCHQ got into the network in 2011 by hacking three employees and was then able to “poke around undisturbed” in the network of Belgacom and subsidiary BICS for two-and-a-half years.
“The security service was thus able to intercept communications from Belgacom’s individual clients, from NATO and the EU, as well as from clients of hundreds of international telecoms providers. It is an unprecedented violation of the privacy of anybody who used a mobile telephone,” it said.
The Intercept, financed by eBay founder Pierre Omidyar, said its reporting was based on documents from Snowden, who is currently living in Russia, and interviews with sources familiar with the investigation at Belgacom.
It said the malicious software found on Belgacom’s systems was one of the most advanced spy tools ever identified by security researchers, who called it “Regin”.
Belgacom, Belgium’s dominant telecoms provider, was seen as a top target by the British spy agency because it plays an important role in Europe and has partnerships with hundreds of telecommunications companies across the world, it said.
Citing a GCHQ document from 2011, the website said the British spy agency hacked into the computers of three Belgacom engineers, gaining access to the firm’s networks for surveillance purposes. Later, GCHQ obtained data being sent between Belgacom and other operators, it said.
The hack was not detected until 2013, when Belgacom said it had improved security and removed an unknown virus from its systems and that there was no indication of any impact on customers. It did not respond to requests for comment on Saturday.
GCHQ has previously declined comment on the allegations.