FOR A MOMENT, it seemed the hackers had slipped up and exposed their identities. It was the summer of 2013, and European investigators were looking into an unprecedented breach of Belgium’s telecommunications infrastructure. They believed they were on the trail of the people responsible. But it would soon become clear that they were chasing ghosts – fake names that had been invented by British spies.
The hack had targeted Belgacom, Belgium’s largest telecommunications provider, which serves millions of people across Europe. The company’s employees had noticed their email accounts were not receiving messages. On closer inspection, they made a startling discovery: Belgacom’s internal computer systems had been infected with one of the most advanced pieces of malware security experts had ever seen.
As The Intercept reported in 2014, the hack turned out to have been perpetrated by U.K. surveillance agency Government Communications Headquarters, better known as GCHQ. The British spies hacked into Belgacom employees’ computers and then penetrated the company’s internal systems. In an eavesdropping mission called “Operation Socialist,” GCHQ planted bugs inside the most sensitive parts of Belgacom’s networks and tapped into communications processed by the company.
The covert operation was the first known example of a European Union member state hacking the critical infrastructure of another. The malware infection triggered a massive cleanup operation within Belgacom, which has since renamed itself Proximus. The company – of which the Belgian government is the majority owner – was forced to replace thousands of its computers at a cost of several million Euros. Elio di Rupo, Belgium’s then-prime minister, was furious, calling the hack a “violation.” Meanwhile, one of the country’s top federal prosecutors opened a criminal investigation into the intrusion.
…click on the above link to read the rest of the article…
