A few days ago, Britain’s Biggest Telecom provider “Belgacom” found a piece of Malware on a number of internal IT systems, in which NSA was initially pointed, but today, a report by Der Spiegel discloses that “Britain’s GCHQ intelligence agency was responsible for that sophisticated Malware, which was being used to intercept Belgacom’s data since 2010.”
A “top-secret” Government Communications Headquarters (GCHQ) presentation seen by SPIEGEL indicate that the goal of project, conducted under the codename “Operation Socialist,” was “to enable better exploitation of Belgacom” and to improve understanding of the provider’s infrastructure.
The presentation seen by the SPIEGEL was undated, but another documents indicate that the spying was in process since 2010. The document shows that the Belgacom subsidiary Bics, a joint venture between Swisscom and South Africa’s MTN, was on the radar of the British spies.
According to the Slides, the several Belgacom Employees were under that attack. Slides also disclosed a High-Level Technology referred to as a “Quantum Insert” (“QI”) involved in extracted the data from the organization.
How GCHQ was targeting Belgacom?
They were using man-in-the-middle attacks that redirected employees to websites which contained Malware, on visiting those websites their computers infected with Malware and then used to manipulate the computers and collect key information.
Slides also reflect, What was the Next Target?
Slides reflect that the next target for GCHQ was Belgian company’s central router and once accessed the plan was to use ‘man-in-the-middle’ attacks on smartphone users.
Der Spiegel also tried to contact GCHQ, but no one replied back.