Belgacom hacked by UK's GCHQ using 'Regin' malware

Belgacom, Belgium’s largest telecom company, allegedly hacked by UK’s GCHQ

Reports indicate that Belgian telecom giant Belgacom was under continuous attack for more than two years. British spy agency GCHQ was allegedly behind the attack, which was reported by The Intercept yesterday. News of the hack first broke last year in local Belgian newspapers, and the Belgian government then asked Britain to respond to the allegations that GCHQ was responsible for the attack.

One of the few Belgian newspapers covering this report was De Standaard. “In its digital attack on Belgacom, the British secret service was able to intercept more communications than was previously realised,” De Standaard said. De Standaard, in partnership with Dutch newspaper NRC Handelsblad and The Intercept, pieced together the entire hack attack on Belgacom.

Regin

The first instances of the hack attack were noticed in 2012, but it was only in 2013 that Belgacom’s security team could figure out what was actually wrong with their systems. They had been infected by highly sophisticated malware that disguised itself as legitimate Microsoft software to evade detection while stealing Belgacom data and transmitting it to overseas sources. The malware discovered by Belgacom’s security team was unknown to them, and only recently were researchers from Symantec able to identify it as ‘Regin’, the nation-backed malware. Regin, which is already known to have powerful espionage capabilities, has been compared to the lethal Stuxnet, which completely destroyed Iran’s nuclear program and set it back by at least 10 years.

The attack on Belgacom began in 2011, with GCHQ first hacking into the networks of three Belgacom employees. Using their credentials, GCHQ was able to ‘poke around undisturbed’ in the network of Belgacom and its subsidiary BICS for almost three years.

Through this hack, GCHQ was able to intercept communications from Belgacom’s individual clients, from NATO and the EU, as well as from clients of hundreds of international telecoms providers. GCHQ chose Belgacom as the target of this ‘Regin’ attack because Belgium was a very important player in the European Union and Belgacom had partnerships with hundreds of telecommunications companies across the world.

Belgacom’s security team isolated the software packing the Regin malware in 2013 and removed it. As per the report, there was no impact on Belgacom’s customers. Both Belgacom and GCHQ have refused to comment on this issue.

Source: The Intercept.
