image

Espionage

Belgium condemns UK over refusal to cooperate with inquiry into alleged British hacking of telecoms company

  • Britain’s GCHQ hacked into Belgium’s biggest telecoms company over two years, according to a Belgian judicial inquiry
  • Alleged hacking could have provided access to communications at Nato, the European Commission, European Parliament and European Council
PUBLISHED : Thursday, 25 October, 2018, 9:42pm
UPDATED : Thursday, 25 October, 2018, 9:52pm

The British government has been accused of endangering diplomatic relations with Belgium after its “exceptional” refusal to cooperate with an inquiry into GCHQ’s alleged hacking of Belgacom, the country’s biggest telecoms company.

For at least two years ending in 2013, the British intelligence service was probably spying within the state-owned company’s networks on the instruction of UK ministers, according to leaks from a judicial inquiry presented to Belgium’s national security council this week.

When asked by the Belgian federal prosecutor’s office to cooperate with the investigation into the alleged hacking, Britain’s Home Office is said to have refused, claiming: “The United Kingdom believes that this could jeopardise our sovereignty, security and public order.”

According to Belgian newspaper De Standaard, the prosecutor’s office regarded the response as “exceptional between EU states and something that could lead to a diplomatic incident”.

Sophia in ’t Veld, a member of the European parliament’s committee on civil liberties, justice and home affairs, tweeted in response to the media report: “Remarkable attitude towards other European countries, pre or post Brexit.”

Belgium’s Prime Minister Charles Michel declined to comment.

The GCHQ operation, if proven, would be the first documented example of an EU member state covertly hacking into the critical infrastructure of another.

The Belgian investigation into the alleged hacking was launched in response to claims made by National Security Agency whistle-blower Edward Snowden five years ago when he leaked 20 slides exposing GCHQ’s hacking targets, which included Belgacom, now known as Proximus.

Top EU rights court says UK’s mass spying violated privacy laws

Code-named Trinity, the Belgian inquiry said it found evidence of hackers swiftly covering their tracks following Snowden’s leaks and unambiguous evidence of British intelligence involvement.

The investigation discovered spy software installed remotely on Belgacom’s computers from three internet protocol addresses registered in the UK to front companies. When Belgian investigators approached GCHQ for help in identifying those behind the IP addresses, it declined to cooperate.

The spies, working under the code name Operation Socialist, were said to have targeted the computers of Belgacom employees working in security and maintenance through fake LinkedIn messages.

Snowden files reveal US, British hacking into company’s SIM cards

There was a particular focus on the Belgian company’s subsidiary unit, Belgacom International Carrier Services, which handles phone and data traffic in Africa and the Middle East. It was reported that the British espionage operation was also trying to target communications between roaming smartphones.

The interception could have also provided access to communications at Nato headquarters in Brussels and at key European institutions including the European commission, European parliament, and the European council.

The prosecutor’s report is said to have concluded that there was not enough evidence to prosecute an individual.

The Belgian prime minister at the time of the alleged hacking, Elio di Rupo, promised to take “appropriate steps” if the high-level involvement of a foreign country was confirmed.

The Belgian government, a majority shareholder in the telecoms company, has spent 50 million (US$57 million) improving its security after the hacking scandal.

A GCHQ spokesman declined to comment.