“A state-sponsored espionage operation”

  • The prosecutor’s office sees the hand of a state behind the Belgacom hacking case
  • The United States is the prime suspect
  • The government is taking this case very seriously
  • Didier Bellens, though, is playing it down

Belgacom was spied on: the strategically important Belgian state-owned company dedicated to telecommunications confirmed on Monday morning the information previously reported by our colleagues at De Standaard. It acknowledged having filed a legal complaint against entity unknown on July 19th for unauthorized access to its computer network. Questions remain. Belgacom was spied on, but by whom, and why?

By whom? The federal prosecutor’s office, without naming names, gives credence to the NSA theory (the National Security Agency in the United States), whose large scale programs were revealed by Edward Snowden. The office’s investigation, which was launched in July with the support of the Federal Computer Crime Unit (the federal police unit dedicated to the struggle against cybercrime) and the Belgian State Security Service, demonstrated that “only intruders with large financial and logistical means could possibly perform this type of hacking. This data along with the technical complexity and breadth of this intrusion are leading investigations toward a state-sponsored surveillance operation”.

This could be a potentially explosive statement in the diplomatic realm. Prime Minister Elio DiRupo indicated Monday in a press release: “If this theory is confirmed, the government will strongly condemn this intrusion and violation of the public company’s integrity”. Speaking on behalf of the government, Laurette Onkelinx denounced being “clotheslined by an allied country”. Behind the scenes, however, the case is advancing slowly but surely: “The United States? There is corroborative evidence, but nothing definite yet.” No one in the ministerial offices has mentioned China or Russia, but most of them are pointing the finger at the USA.

During a spontaneous press conference with the Belgacom CEO, Didier Bellens, Jean-Pascal Labille, minister of state enterprises, hit the nail on the head when he declared, “When the organization or organizations having performed this act of piracy are known, the government will take strong and appropriate measures”. According to Tuesday’s issue of De Standaard, which quoted sources close to the case, there is a 90% chance that the pirated information headed in the direction of the United States.

But why? It seems that in this instance, the NSA may be interested in communications taking place via Bics, a Belgacom subsidiary in charge of connections between foreign operators’ networks. It is the leading player in its industry in Africa and in the Middle East. This would allow the Americans to listen to countries such as Yemen or Syria, for example. Didier Bellens is playing it down, emphasizing the fact that only the company’s internal computer network (employee mailboxes, files hosted on servers or PCs etc.) were infected by the virus and not the telecommunication network. Confidentiality surrounding phone communications, emails etc., was not compromised. “We have no evidence of any effect on our customer’s data,” he stated, explaining that “at no time was telecommunication service delivery jeopardized.” Could it simply be a case of industrial espionage? The nature of the content of the hacked information packets remains unknown at this time, and that is what is being explained to the federal government.

Timeline: On July 2012 Belgacom noticed a problem, but the malware was only discovered in July of this year with the help of a specialized Dutch company. A complaint was filed on July 19th and remained top secret for two months. Belgacom and the judicial system wanted to deal with the situation in secrecy. First, the location of this malware needed to be found. It was only found in a few dozen of the 25,000 machines connected to Belgacom’s internal computer network system. It was at this point that the judicial system came on the scene, using the time to analyze the malware’s behavior, and observe the type of information it was collecting and to whom it was sending. Lastly, preparation time was required to disinfect the network and to take preventive measures.

“Dozens of people worked on this issue,” insists Bellens. The cleanup operation, which was delayed once, finally began in earnest last Saturday at 10 pm and ended Sunday evening. The deputy prime ministers at the federal government level were informed two weeks ago. Well before this time, Belgium’s defense information services acted on its end. And now? A spokesperson told Le Soir: “The case is in Elio Di Rupo’s hands. We’re all going to work to reinforce cybersecurity and await the results of the investigations. We will then advise.”


This entry was posted in Non classé. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>