UK’s Unwillingness to Cooperate Over Belgacom Hack is Scandalous – IT Journo

Britain’s unwillingness to launch a thorough investigation into the alleged hacking of Belgacom exposed in 2013 amounts to nothing less than an international scandal, IT specialists told Sputnik, suggesting that European nations need to form an open alliance for defence and intelligence to mitigate risks and reduce reliance on other nations.

“That Belgacom, an EU member state-owned telecommunications company, is alleged to have been targeted for monitoring/hacking by GCHQ spies is staggering enough, but the fact that the UK is seemingly not interested in cooperating with the Belgian government to get to the bottom of this is downright scandalous,” Robin Wauters, European technology journalist and founding editor of Tech.eu, Belgium say.

In September 2013, Der Spiegel reported that documents from the archive of NSA whistleblower Edward Snowden indicated that Britain’s Government Communications Headquarters (GCHQ) had allegedly been behind a cyber-attack against Belgacom, adding that access to the telecom company’s data had been possible since 2010.

According to Belgian federal prosecutors, the intercept of the country’s largest telecom operator had been conducted since at least 2011 and was closed in August 2013. However, the UK refused to cooperate with Brussels over the alleged attack.

“I can’t see how this would not be cause for a serious diplomatic conflict between two nations who are considered to be ‘friendly’, and I hope the UK changes its stance to allow for serious investigations of the hacking claims, and the publication of its results,” Wauters underscored.

Graham Cluley, public speaker and independent computer security analyst from the UK, echoed the journalist’s concerns: “The scandal is that this was a hack sponsored by one EU member state against a state-owned company in another EU state.” 

According to him, the GCHQ and the UK “appear to have got away with this, which hardly bodes well for preventing similar attacks between EU nations from happening again in future.”

Cluley has warned against blaming the victim, saying that “the organisation which targeted Belgacom (now Proximus Group) was Britain’s state-run intelligence agency which has extraordinary resources at its disposal.”

“Show me an organisation which believes it is 100 per cent impregnable, and I’ll show you an organisation which is massively deluded.  Any company or organisation can be hacked if their attacker is determined enough.  It may not be easy, it may take months or years, the hacker may not always get as far in as they would like or be able to steal the information that they were after, but there is always a way to do something,” he emphasised.

The security analyst explained that the malware planted by British spies on the company’s servers had not drawn attention to itself. He specified that it was disguised as legitimate Microsoft software installed “after tricking engineers to visit a bogus version of the LinkedIn website, and before silently exfiltrating data from Belgacom’s network ensured it was wrapped in multiple layers of encryption.” 

He further noted that the data was usually stolen during the normal working day “making the transmission of data less suspicious and hiding the activity amongst the cacophony of other data moving in and out of the corporate network.”

“The malware even contained the ability to self-destruct, in an attempt to remove evidence of its existence,” he added.

For his part, Rufo Guerresch, executive director at Trustless Computing Association and leading-edge IT security entrepreneur and activist from Italy, is far more categorical about the incident and its consequences.

“After 70 years, the EU still does not have even a shred of a joint defence and intelligence capability and governance,” he stressed. “It is a disgrace for the sovereignty, freedom and economic development of every EU citizen and nation. So therefore the executive branch and security agencies of a small nation like Belgium need to come to more or less conscious compromises to adequately mitigate their terrorist risk.”

Commenting on how it happened that GCHQ had managed to steal data from Belgium’s biggest telecommunications operator for years, the security activist said that it was “nothing new at all.” 

He elaborated that “by far the greatest and more costly cyber-attacks are those of the confidentiality and/or integrity of data of certain entities that never get discovered or get discovered many years later.”

Guerresch noted that “news, understandably but wrongly, only focuses on publicised and discovered cyberattacks,” expressing hope that the EU General Data Protection Regulation’s (GDPR) mandatory disclosure “can help a bit.”

As for the possibility of repeated attacks, the activist believes that a few leading EU nations should go ahead and forge within the EU “an open strong and solid alliance for defence and intelligence” in order to reduce their reliance on other nations for prevention of crimes and development of their most critical defence systems.