British Refuse To Co-operate With Belgian Hacking Inquiry

The UK government has been accused of endangering diplomatic relations with Belgium after its “exceptional” refusal to cooperate with an inquiry into GCHQ’s alleged hacking of Belgacom, the country’s biggest telecoms company (now Proximus Group.

For at least two years ending in 2013, the British intelligence service was probably spying within the state-owned company’s networks on the instruction of UK ministers, according to leaks from a judicial inquiry presented to Belgium’s national security council this week.

When asked by the Belgian federal prosecutor’s office to cooperate with the investigation into the alleged hacking, the UK Home office is said to have refused, claiming: “The United Kingdom believes that this could jeopardise our sovereignty, security and public order.”

According to the Belgian newspaper, De Standaard, the prosecutor’s office regarded the response as “exceptional between EU states, and something that could lead to a diplomatic incident”.

Sophia in ’t Veld, a member of the European parliament’s committee on civil liberties, justice and home affairs, tweeted in response to the media report: “Remarkable attitude towards other European countries, pre or post Brexit.”

The Belgian prime minister, Charles Michel, declined to comment.

The GCHQ operation, if proven, would be the first documented example of an EU member state covertly hacking into the critical infrastructure of another.

The Belgian investigation into the alleged hacking was launched in response to claims made by the National Security Agency whistleblower Edward Snowden five years ago when he leaked 20 slides exposing GCHQ’s hacking targets, which included Belgacom, now known as Proximus.

Codenamed Trinity, the Belgian inquiry found evidence of hackers swiftly covering their tracks following Snowden’s leaks but also unambiguous evidence of the British intelligence service’s involvement, it is alleged.

The investigation discovered spy software installed remotely on Belgacom’s computers from three Internet protocol addresses registered in the UK to front companies. When Belgian investigators approached GCHQ for help in identifying those behind the IP addresses, it declined to cooperate.

The spies, working under the codename Operation Socialist, were said to have targeted the computers of Belgacom employees working in security and maintenance through the use of fake LinkedIn messages.

There was a particular focus on the Belgian company’s subsidiary unit, Belgacom International Carrier Services, which handles phone and data traffic in Africa and the Middle East. It was reported that the British espionage operation was also seeking to target communications made between roaming smartphones.

The interception could have also provided access to communications at Nato headquarters in Brussels and at key European institutions including the European commission, European parliament, and the European council.

The prosecutor’s report is said to have concluded that there was not enough evidence to prosecute any individual.

The Belgian prime minister at the time of the alleged hacking, Elio di Rupo, promised to take “the appropriate steps” if the high-level involvement of a foreign country was confirmed.

The Belgian government, a majority shareholder in the telecoms company, has spent €50m (£44m) on improving its security after the hacking scandal. A GCHQ spokesman declined to comment. 

Guardian:

You Might Also Read:

GCHQ Data Collection Violated Rights To Privacy

« Russia And US Offer Competing Visions Of Cyber Normality
North Korea Is Using The Internet Like The Mafia »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Zentek Digital Investigations

Zentek Digital Investigations

Zentek has been providing digital forensics services to the public and private sector for computers and mobile devices since 2004.

Open Networking Foundation (ONF)

Open Networking Foundation (ONF)

The Open Networking Foundation (ONF) is a non-profit operator led consortium driving transformation of network infrastructure and carrier business models.

Original Software

Original Software

Original Software offers a test automation solution focused completely on the goal of effective software quality management.

Gurucul

Gurucul

Gurucul predictive security analytics protects against insider threats, account compromise and data exfiltration on-premises and in the cloud.

Openminded (OPMD)

Openminded (OPMD)

Openminded is a French security and network services company.

Subex

Subex

Subex leverages its award-winning telecom analytics solutions in areas such as Revenue Assurance, Fraud Management, Asset Assurance and Partner Management, and IoT Security.

Signifyd

Signifyd

Signifyd is the world's largest provider of Guaranteed e-Commerce Fraud Protection.

Industrial Networking Solutions (INS)

Industrial Networking Solutions (INS)

INS Services specializes in designing, deploying and providing on-going support for critical OT (Operational Technology) and IIoT (Industrial Internet of Things) networks.

CloudMask

CloudMask

CloudMask patent technology provides Dynamic Data Masking (DDM) that masks sensitive data, structured or non-structured, in real-time.

Maticmind

Maticmind

Maticmind is an ICT System Integrator providing solutions and specialized skills in Networking, Security, Unified Communications & Collaboration, Datacenter & Cloud and Application.

Mvine

Mvine

Mvine's primary business is authoring and selling Cyber-Secure Platforms for Collaboration Portals and for Identity Management as well as delivering cloud support services.

Plexal

Plexal

Plexal is East London's innovation centre and co-working space. We offer startups flexible memberships, giving them access to office space plus all the benefits and support they need to scale.

Gatefy

Gatefy

Getfy is a cybersecurity company specialized in artificial intelligence and machine learning. We work to solve challenging issues, especially those involving email security.

Epoch Concepts

Epoch Concepts

Offering a full line of IT services, solutions, and integration capabilities, Epoch Concepts is the trusted partner of the US military, federal agencies, private enterprises, and systems integrators.

ZILLIONe

ZILLIONe

ZILLIONe is one of Sri Lanka´s top enterprise technology solutions providers.

turingpoint

turingpoint

turingpoint GmbH is a tech enabled boutique consultancy. It was founded by security experts with a focus on cyber security and software solutions.