Slashdot Mirror
Snowden Docs: Brits Hacked Accounts of Belgian IT Admins
An anonymous reader writes "British secret service GCHQ is willing to penetrate the networks of telecoms firms to subsequently use them for spying. German magazine DER SPIEGEL reports GCHQ hacked the machines of Belcacom staff to later use their GRX routers for targeted man-in-the-middle-attacks on people's phones. Belgacom is the biggest telecom in Belgium, and is partly state-owned. DER SPIEGEL publishes three original slides from a GCHQ presentation. They specifically mention targeting 'engineers/systems administrators.'"
" It appears to be a method with which the person being targeted, without their knowledge, is redirected to websites that then plant malware on their computers that can then manipulate them. "
How is this super-sophisticated exactly, it sounds like every other redirection-malware attack with the exception of a targeted individual.
When do the Belgian bombs start falling?
...that all governments spy on all other governments, regardless of the state of cordiality between those nations.
Didn't we already know this?
Do not look into laser with remaining eye.
Proving Nigel Farage wrong! Belgium really is relevant!
Truthfully, if any hub of communication on the continent was going to exploited and counter-expoited, it would be the trunks and infrastructure running into and out of Belgium. SHAEF is there and lots of other stuff. I wonder what will be unearthed about the Russians in Belgium?
---- The above post was generated by the Turing Institute. Maybe.
This was probly at the request of Nigel Farage, given his opinion on Belgium and attempts to "..be the quiet assassin of European democracy and of European nation states.".
It seems reasonable to suspect the internet was designed exactly for this purpose. That Al Gore is a sneaky one.
Any chance the GCHQ people will do time in Belgian jails?
Any chance the U.K. will get an astronomical fine?
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
I know that on teh intarwebs anything goes, but can you please stop saying B*lg**m ?!! That's really offensive.
They're gonna have to come up with better stuff that this if they want to keep the ratings/ad rates up
“He’s not deformed, he’s just drunk!”
The rule of security is: Make it more expensive for the attacker than it's worth to them.
How much is it worth to spy agencies to have root access to telecom providers? Quite a bit, is my amateur guess. The telecom providers (and ISPs, etc.) should anticipate attacks proportional to the value, and implement security proportional to the anticipated attacks. (But do they really have a chance of holding off the NSA, GCHQ, etc.? Perhaps their own national intelligence agency could help, if their citizens can trust them).
How much would it be worth to attackers to access Barack Obama's phone? A general in the military? Warren Buffet? Depending on who you are, the answer ranges from billions to life-and-death (e.g., an enemy in war's survival might depend on access to a U.S. military general's communications). With stakes so high, can such things really be secured?
I could be way off base, but I bet this particular type of information was sought out from the leaks by Greenwald to dissuade GCHQ from behaving the way it did again...
Hmm, the humour and sarcasm seem to have been be lost on you.
to ndeliver what,
Fuck You
Yours Sincerely a British Citizen
Could someone explain to a non-networking person what exactly a GRX router is?
What proof do we have of the authenticity of what Snowden is leaking? It could all or mostly be bullshit. In any good psyop you need a small element of truth to add authenticity to the bulk of propaganda. He needs to survive somehow so how do we no that this seemingly endless supply of highly classified documents are not fabricated? There is certainly financial motivation on his part, the Globe and other news outlets to keep the story going.
So what more have we learnt about Poirot?
We already know that something between 1984 and the NAZI regime was being built. Snowden just brought it to everyone's attention.
The best thing we can do is either unplug all together or create custom P2P networks that breaks from the standard networks. We need to use disruptive technologies like CB, Zigbee, enhanced versions GPG, faxs, face to face communication, hell even FIDOnet would offer a level of privacy you usually can't get today.
You say things that offend me and I can deal with it. Can you?
Getting rather sick of just overview articles that tell what intelligence agencies are doing, but doesn't explain HOW they are doing it, or everything that they are doing with the collected data. Basically, the journalists have now become the gatekeepers of information deciding what the affected masses should see. Give us (tech community) specific details on who/what has been compromised so that mitigation can take place while we wait for legal and political solutions (if they ever come) to address the criminality and policies of these organizations. The journalists are already on the hook if governments decided to prosecute them for disseminating classified material to individuals without security clearances, so what difference does it make if they release a some details about specific OS vulnerabilities implanted by developers cooperating with, or even paid by the NSA, et al.
They got hold of Belgacoms routers, which route smartphone data for it's users, which lets them intercept the smartphones connected to belgacom's network, including all the roaming. Including Brits in Belgium.
Belgacom's users being people like the EU Parliament, EU Commission, visiting politicians who roam through Belgacom. Including British politicians, journalists, etc. SWIFT, and other international organizations are based in Belgium.
European arrest warrant should be issued as soon as they find out who was involved, and for the head of GCHQ for ordering it, and the UK police should not side with the MET/GCHQ. This is a crime, clear and simply. A major crime at that, it is not legal in the UK to hack computer systems.
"It appears to be a method with which the person being targeted, without their knowledge, is redirected to websites that then plant malware on their computers that can then manipulate them."
So that's who keeps doing that. And I was blaming flash gaming sites that my mother-in-law goes to.
It was 2010, so Sir Arthur Bonsall was the director of GCHQ at the time.
The crime he committed, is Belgiums anti hacking law. There is no immunity for GCHQ in Belgium, he is just a criminal like any other.
Presumably the GCHQ/NSA PR machine and astroturf will be out and about telling us it was all for Belgium's interests... just like it hacked into Brazil Petroleum and claimed it was 'to detect economic instability...' what claptrap. It was just more spying.
The European arrest warrant means Belgium should be able to force Britain to hand him over for trial. CIA nearly lost their chief to Italy, who prosecuted for illegal rendition. Instead of defending himself, he just ignored it, and hoped his political masters would protect him. They didn't. So Bonsall is expendable, and easy to arrest in mainland Europe. He will cross European airspace sooner of later.
I assume Cameron and William Hague will offer him their full support, (i.e. a sacrificial lamb).
Not just Nato, EU is based in Belgium, all those smartphones owned by EU politicians tapped, all the secrets of their visiting family members, all that political leverage. Since Belgacom is a big roaming provider, all the *visiting* politicians would also be tapped too while in Belgium. So UK politicians visiting the EU Parliament with their smartphones, all the German politicians visiting the EU Commission.
In related news, the Belgium Foreign office was tapped:
http://www.deredactie.be/cm/vrtnieuws.english/News/130919_hacking
"public prosecutors are investigating a break-in into the computer network employed by the Belgian Foreign Ministry."
"The news that malware was discovered on computer systems operated by the Belgian Foreign Ministry has been confirmed by an official.
"The discovery of the malware was made at the end of 2011. Joren Vandeweyer: "The computer programme was not designed to cause any damage, but rather to copy data."
"We immediately changed our security system and contacted the Defence Ministry and informed the Prime Minister."
"The public prosecutor’s office is now investigating whether the American intelligence service NSA is behind the hacking."
I notice below people are saying NATO comms doesn't use Belgacom, which is false and misleading. All the Generals have their phones, all those smartphones roam through Belgium's telecoms infrastructure.
Well, I am "willing to penetrate" certain young female celebrities. Doesn't mean I did. Doesn't even mean would. Certainly won't get the opprtunity.
Not of the NSA (I mean seriously, you weren't already?) but of these leaks? I am starting to have doubts that this one contractor had access to all this varied data, about various programs, and now even about non-American agencies.
I am seriously starting to wonder if he, or others, are making up some shit for their own ends. I just have trouble buying that he has all this disparate data, on all this stuff, particularly given the compartmentalization of highly classified data.
If you want to know more what each party is discussing with their national governments, can't think of a better place than hacking Belgian telecom.
This is why they did it.
Wearing pants should always be optional.
in hoc to
Off-topic pedantry: the expression's in hock to...
No, no, it's not in hock, although that does rhyme -- read the slide! It says MyNOC .
It makes perfect sense. Chewing on the cables.
Cheers,
"What in the name of Fats Waller is that?"
"A four-foot prune."
Brilliant move, Britannia.
Everyone ( the idiots anyway ) say its only the USA that does this.. this cant be true..
---- Booth was a patriot ----