A "top secret" Government Communications Headquarters (GCHQ) presentation indicate that the goal of project, conducted under the codename "Operation Socialist," was "to enable better exploitation of Belgacom" and to improve understanding of the provider's infrastructure.
The presentation is undated, but another document indicates that access has been possible since 2010. The document shows that the Belgacom subsidiary Bics, a joint venture between Swisscom and South Africa's MTN, was on the radar of the British spies.
Belgacom, whose major customers include institutions like the European Commission, the European Council and the European Parliament, ordered an internal investigation following the recent revelations about spying by the United States' National Security Agency (NSA) and determined it had been the subject of an attack. The company then referred the incident to Belgian prosecutors.
When news first emerged of the cyber attack, suspicions in Belgium were initially directed at the NSA. But the presentation suggests that it was Belgium's own European Union partner Britain that is behind "Operation Socialist," even though the presentation indicates that the British used spying technology for the operation that the NSA had developed.
According to the slides in the GCHQ presentation, the attack was directed at several Belgacom employees and involved the planting of a highly developed attack technology referred to as a "Quantum Insert" ("QI"). It appears to be a method with which the person being targeted, without their knowledge, is redirected to websites that then plant malware on their computers that can then manipulate them. Some of the employees whose computers were infiltrated had "good access" to important parts of Belgacom's infrastructure, and this seemed to please the British spies, according to the slides.
The documents also suggest that GCHQ continued to probe the areas of infrastructure to which the targeted employees had access. The undated presentation states that they were on the verge of accessing the Belgians' central roaming router. The router is used to process international traffic.
According to the presentation, the British wanted to use this access for complex attacks ("Man in the Middle" attacks) on smartphones users. The head of GCHQ's Network Analysis Centre (NAC) described Operation Socialist in the presentation as a "success."
The hacking attack by Britain's GCHQ intelligence service on Belgian telecoms provider Belgacom has angered politicians in the country. Belgium plays host to the EU's top institutions as well as NATO, and Prime Minister Elio di Rupo is considering diplomatic retaliation.
Di Rupo added that Belgium was a popular target because it hosts many of the most important European Union institutions, universities and corporations, as well as NATO. He said his government would increase funding to increase Internet security and also move to decisively implement a new cyber strategy.
By Guylain Gustave Moke
Photo-Credit: AFP- Belgacom Centre photo in Brussels