Slashdot Mirror
Snowden Docs: Brits Hacked Accounts of Belgian IT Admins
An anonymous reader writes "British secret service GCHQ is willing to penetrate the networks of telecoms firms to subsequently use them for spying. German magazine DER SPIEGEL reports GCHQ hacked the machines of Belcacom staff to later use their GRX routers for targeted man-in-the-middle-attacks on people's phones. Belgacom is the biggest telecom in Belgium, and is partly state-owned. DER SPIEGEL publishes three original slides from a GCHQ presentation. They specifically mention targeting 'engineers/systems administrators.'"
This was probly at the request of Nigel Farage, given his opinion on Belgium and attempts to "..be the quiet assassin of European democracy and of European nation states.".
1. This is not a government spying on another government.
2. Economic espionage is illegal
3. Breaching trust like this will lead to all sorts of blowback when partners find out, it's hardly a good idea.
GCHQ has strayed well over the line from protecting British interests against our enemies to economic and political espionage. This op was probably ordered at the behest of some American service anyway (to whom GCHQ are in hoc to the tune of hundreds of millions of dollars), who knows why or who it benefits, but it certainly isn't the people of the UK.
As far as I've been able to tell, most espionage of a materiel type requires spying on companies, as it's those companies that are the true producers of materiel, not governments themselves.
Do not look into laser with remaining eye.
Any chance the GCHQ people will do time in Belgian jails?
Any chance the U.K. will get an astronomical fine?
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
The rule of security is: Make it more expensive for the attacker than it's worth to them.
How much is it worth to spy agencies to have root access to telecom providers? Quite a bit, is my amateur guess. The telecom providers (and ISPs, etc.) should anticipate attacks proportional to the value, and implement security proportional to the anticipated attacks. (But do they really have a chance of holding off the NSA, GCHQ, etc.? Perhaps their own national intelligence agency could help, if their citizens can trust them).
How much would it be worth to attackers to access Barack Obama's phone? A general in the military? Warren Buffet? Depending on who you are, the answer ranges from billions to life-and-death (e.g., an enemy in war's survival might depend on access to a U.S. military general's communications). With stakes so high, can such things really be secured?
I could be way off base, but I bet this particular type of information was sought out from the leaks by Greenwald to dissuade GCHQ from behaving the way it did again...
Hmm, the humour and sarcasm seem to have been be lost on you.
in hoc to
Off-topic pedantry: the expression's in hock to, originating from a Dutch word for a kennel or lock-up or prison, informally used to describe someone in debt. Not related to Latin hoc, meaning "this", and common in phrases like post hoc ergo propter hoc ("after this, therefore because of this"), ad hoc ("for this [occasion]"), etc.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
So what more have we learnt about Poirot?
We already know that something between 1984 and the NAZI regime was being built. Snowden just brought it to everyone's attention.
The best thing we can do is either unplug all together or create custom P2P networks that breaks from the standard networks. We need to use disruptive technologies like CB, Zigbee, enhanced versions GPG, faxs, face to face communication, hell even FIDOnet would offer a level of privacy you usually can't get today.
You say things that offend me and I can deal with it. Can you?
There's no such thing as illegal to a government.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
who knows why or who it benefits, but it certainly isn't the people of the UK.
Is that your evaluation based on many years of experience with the intelligence agencies? Or is it the snark of a passing minute on the internet?
NSA helped foil terror plot in Belgium, documents, officials say
Police arrest 10 over Belgian 'Islamist terror plot'
Belgian police raid homes in connection with Syrian terror groups recruits
Two Belgian "terrorism" suspects detained in Yemen
Fearing terror attack, Belgium arrests 14
The bombs in Belgium are under American control.
Hey, we're allies! Please treat us as such.
Getting rather sick of just overview articles that tell what intelligence agencies are doing, but doesn't explain HOW they are doing it, or everything that they are doing with the collected data. Basically, the journalists have now become the gatekeepers of information deciding what the affected masses should see. Give us (tech community) specific details on who/what has been compromised so that mitigation can take place while we wait for legal and political solutions (if they ever come) to address the criminality and policies of these organizations. The journalists are already on the hook if governments decided to prosecute them for disseminating classified material to individuals without security clearances, so what difference does it make if they release a some details about specific OS vulnerabilities implanted by developers cooperating with, or even paid by the NSA, et al.
Dear Anonymous Coward,
We, being the fine people of the United Kingdom of Great Britain and Northern Ireland, wish to inform you that we have retained our ability to avoid the use of foul language. We also wish to inform you that your assumption that it has gone belies a spectacular lack of awareness on your part. So much so that I would wager my pet parrot against you in matters of general knowledge. Which is saying a lot, because my pet parrot died last week.
Sincerely,
A loyal subject of Her Majesty The Queen.
P.S., Fuck you, arsehole.
"It appears to be a method with which the person being targeted, without their knowledge, is redirected to websites that then plant malware on their computers that can then manipulate them."
So that's who keeps doing that. And I was blaming flash gaming sites that my mother-in-law goes to.
So you think the US charged Snowden with theft of government property, and two espionage offenses of disseminating classified material to someone without a security clearance, and revealing signals intelligence as part of "psyop" operation? Pray tell, I'm intrigued with this theory. Could you elaborate on who the operation is targeting, and what its ultimate goal is? What outcome of this operation would constitute a successful mission?
Maybe, but how about the European Union and European Commission? Even if those (or NATO) use their own comms system, many employees will have personal phones.
Nah, that one is pretty good in the context of EU.
And how exactly do you know that all governments do this? That the British are in the same boat as the Americans has long been suspected. I don't see the Belgians mass monitoring Verizon calls in the US, do you?
Well, I am "willing to penetrate" certain young female celebrities. Doesn't mean I did. Doesn't even mean would. Certainly won't get the opprtunity.
They dont. Belgians arent bullies who try to intimidate everyone.
Yeah, well except that minor unpleasantness in the late 19th century where their King was responsible for the murder and genocide of between 2 and 15 million people in the Congo.
The Royal House of Belgium was imposed on the Belgians by the English and the Germans, who were affraid of too much French influence in the country.
Leopold I van Saxen-Coburg was born in Coburg (Bavaria, Germany), he was the uncle of Queen Victoria (who was also part of the Saxe-Coburg family, they changed their name into Windsor to sound less German).
Congo was the _personal property_ of his son, Leopold II. After the outrage on how he treated the Africans, he "donated" it to the Belgian state as a colony. As a Belgian colony, Congo was not worse of than any other colony at the time (which is bad enough).
a King who seems- by all accounts- to have been the forerunner of Adolph Hitler
Leopold II did not want to exterminate the Africans (unlike Hitler who wanted to exterminate all Jews, Gypsies, gays and the mentally ill); he just wanted to make as much profit as possible. His way to make profit was cruel; but as much as I (an anonymous Belgian) hate him, comparing him to Hitler is trivializing the holocaust.
I don't see the Belgians mass monitoring Verizon calls in the US, do you?
It's all a matter of capability, not interest.
A couple of problems here. Firstly a lot of those stories refer to an event in 2008, and Der Spiegel claims GCHQ only got access to Belgacom in 2010. So their spying cannot have been relevant there.
Secondly, the evidence in those cases was the sort of thing that can be obtained using ordinary court orders or ordinary, limited and carefully controlled wiretaps. The people targeted went to the Afghan-Pakistani border for months and according to one article, some of them were already known criminals in Belgium even before then. Getting a tight, time limited court order for surveillance of these people within Belgium is easily possible - at no point would Britain hacking Belgium have been helpful in such a prosecution and indeed, would have been dangerous - if the evidence was obtained without a warrant and defence counsel found out, the case might have collapsed.
I strongly dislike this notion that the acts Snowden uncovered are all OK because occasionally, the authorities do manage to catch terrorists. Guess what? They also catch random serial killers, fraudsters, drunk drivers who do hit and runs, all kinds of other criminals .... just using the ordinary tools and strict supervision they are supposed to operate under. Where's the evidence that tightly specified, time limited court orders issued by open courts are insufficient? Can you point me to just one case of a terrorist who successfully blew himself up because a judge mistakenly denied a reasonable warrant request? I've not heard of such a thing, even though occasional mistakes would be expected and not by itself sufficient to conclude what the NSA/GCHQ does is necessary.
...that all governments spy on all other governments, regardless of the state of cordiality between those nations.
Belgacom is a government?
Yes, I believe he does. This is based on the extreme reaction by those from whom the data was taken.
If you want to know more what each party is discussing with their national governments, can't think of a better place than hacking Belgian telecom.
This is why they did it.
Wearing pants should always be optional.
The Royal House of Belgium was imposed on the Belgians by the English and the Germans, who were affraid of too much French influence in the country.
Leopold I van Saxen-Coburg was born in Coburg (Bavaria, Germany), he was the uncle of Queen Victoria (who was also part of the Saxe-Coburg family, they changed their name into Windsor to sound less German).
Congo was the _personal property_ of his son, Leopold II. After the outrage on how he treated the Africans, he "donated" it to the Belgian state as a colony. As a Belgian colony, Congo was not worse of than any other colony at the time (which is bad enough).
a King who seems- by all accounts- to have been the forerunner of Adolph Hitler
Leopold II did not want to exterminate the Africans (unlike Hitler who wanted to exterminate all Jews, Gypsies, gays and the mentally ill); he just wanted to make as much profit as possible. His way to make profit was cruel; but as much as I (an anonymous Belgian) hate him, comparing him to Hitler is trivializing the holocaust.
Just a reminder that another one of the colonies was Rwanda -- the situation there shows that Leopold II did not want to exterminate Africans, but he DID take a nation and separate the people there into two "races" based on looks and set up a "genetic" breeding program. Those Rwandans with European-looking features were allowed to marry each other and hold positions of power; those without European-looking features (darker skin, flatter nose, lower cheekbones, more protruding forehead) were excluded from this society and were pretty much only allowed to work as grunt labourers. And so we got the Tutsis and Hutus, and the bloody carnage the country is still recovering from.
Tell that to the 'illegals'...
in hoc to
Off-topic pedantry: the expression's in hock to...
No, no, it's not in hock, although that does rhyme -- read the slide! It says MyNOC .
It makes perfect sense. Chewing on the cables.
Cheers,
"What in the name of Fats Waller is that?"
"A four-foot prune."
I'm quite sure his original stuff about the NSA's prism program is accurate. It is some of the later stuff I'm questioning. I don't doubt that he had access to classified data, and it certainly seem like it is at least somewhat, if not completely, accurate given the reaction. But then there keeps being more and more leaks that are less and less related, which do not seem to be generating much reaction.
It is just causing me to wonder on their veracity.
Let me just clear up all your lack of access concerns: Omivore / Carnivore ran on Unix, it was ported to MS Windows when they made ECHELON, thus Windows is the platform PRISM runs on too.
The only thing suspicious about the reports is that the Chinese hackers who bust up all the SCADA and Windows-Ran Energy grid aren't corroborating the reports... You credit the NSA too highly. Where do you think they higher hackers from? That same group that makes a game out of getting root on Windows and other OSs? So, you're suspicious of the REPORTS, that the least secure operating system in the world, which is regularly exploited so much that a black-market full of exploits exists for, could possibly grant an unprivileged user access to information they shouldn't have had access to?
Personally, with that kind of thinking, I'm more suspicious of YOU.
British are not citizens, they are subjects.
"Civis Europaeus sum!"
You had me until your last line. You actually believe that people in the southern hemisphere are somehow morally superior?
As far as I've been able to tell, most espionage of a materiel type requires spying on companies, as it's those companies that are the true producers of materiel, not governments themselves.
True. And if you were investing a weapons manufacturer in Syria nobody would blink. But Belgium is an ally.
This is like breaking into your friends house without provocation, you know, just in case... uh... something... something... terrorism.
Brilliant move, Britannia.
Change your weed. The current one makes you delusional. He will get a "legion of honor" or something from the Belgian King. Belgium is an Anglosaxon Bitch like everyone else in the "west".
It's unfixable. Because "fixing" would mean to develop a Belgian, serious IT security capability and probably dumping MS Windows.
That's expensive and will infuriate American Money. So this will never happen.
It's about the German election and the Euro. The NSA/GCHQ thing is a "diversionary fire" so that the Euro-crimes are not in the public conscience.
What if the Snownden thing IS the DIVERSION ? They have plenty of things they don't want in the public conscience. The Euro, the dollar, public debt spiralling...
I consider the Syria war a diversion, too. France is in deep economic shit, so they clamour for a new war. Then, there's an election in Germany this weekend.
He's right - Belgians aren't bullies. They were bullies, but then as he pointed out, nearly every developed country has been a bully at some stage in the past, and some still are.
This op was probably ordered at the behest of some American service anyway
I love how every negative thing even other governments do is all our fault. I guess GCHQ is full of retards who can't wipe their ass without being told to by America. What a crock of shit.
There may be connections and there may have been discussion between GCHQ and NSA as we are allies but I'm tired of hearing how we're assholes for things that other people do. If our government agencies can order your government agencies around, you might as well call yourselves Americans, too.
Belgacom also services N. Africa and parts of the middle east, not just Belgium itself and people roaming in Belgium. So the network is a juicy target for anyone wanting to indiscriminately sift through calls to/from these areas as well as those in Belgium itself.
What fucking troll? And it's very much the topic. People are just going to lose interest until they hear or see something they didn't already suspect. And besides, this will have little to no effect on the next set of elections. You're still going to see nothing but republicans and democrats in power. And they sure don't care what the EU thinks. Their politicians are on board anyway. This is going nowhere fast. "Where's the beef?" What's going to be done about it? A big fat nothing, what's what. And certainly not anything with the current set of bums in office. Just a lot of chatter and nothing else.
“He’s not deformed, he’s just drunk!”
Did these acts take place in Britain, or on the continent? I don't think that British law can legalize something that's illegal in the place where it occurred, so the distinction is significant.
I think we've pushed this "anyone can grow up to be president" thing too far.
Bombs?ÂBuns, surely?
Stick Men
Way to try and blame it on the Americans. I wish other countries could actually accept responsibility for their own actions once in a while.
Are agnostics skeptical of unicorns too?
Everyone ( the idiots anyway ) say its only the USA that does this.. this cant be true..
---- Booth was a patriot ----
I can't see the logic. This is just typical scaremongering and paranoia from the government.
The US government molests anyone who tries to get on a plane because there's a 0.000001% chance that they could be a terrorist, or something ridiculous like that. There is no "logic" here; just power-hungry pieces of trash.
Da derp dee derp da teedly derpee derpee dum. Rated PG-13.
Well, UK politicians are all retards who can't wipe their arse without being told to by America, so I see no reason why those in metagovernmental roles should be any less spineless.
Also FatPhil on SoylentNews, id 863
Boy, realize the difference between propaganda and reality.
Yes, the thing that bothers me most about all this though is the fact that the US seems to basically own GCHQ. We already had the story about how the US paid money for access to intelligence and influence on GCHQ but the fact that Snowden was able to pilfer some highly sensitive documents from the NSA about GCHQ is worrying.
Don't get me wrong, I'm absolutely glad Snowden did what he did but our intelligence services are way too close to and way too open with the US.
It's pretty clear what was meant now when David Milliband said our courts couldn't be allowed to demand our intelligence services show evidence about their involvement in extraordinary rendition because it would harm our relationship with US intelligence services - it seems they are part of US intelligence services. The irony now is that it was NSA incompetence that got our intelligence data leaked but you don't see our government condemning the US for that incompetence and threatening them to pull out and stop giving them intel do you? This is why our country has such a reputation as being America's lapdog and it stinks.
Yet that's the exact arguments the UK government uses when it doesn't want to do something.
"We can't just not hand over Julian Assange because the whole extradition looks fishy because that would be illegal"
We have separation of our judicial branch from our government for a reason and they can't just pick and choose when they ignore the law even with their attempt at hijacking the judiciary with their politically appointed supreme court.
"Can you point me to just one case of a terrorist who successfully blew himself up because a judge mistakenly denied a reasonable warrant request?"
Perhaps somewhat ironically, a number of attacks that have succeeded such as the butchering of a soldier in London earlier this year were by people who were not only known to the security services, but whom the security services tried to recruit.
You're right, the security services can't even catch people sat right under their own noses when they have all the information and have been granted all the warrants they possible could have been. Giving them permission to snoop beyond those boundaries is only going to give them more information they can't properly use making it even less likely again that they'll catch the real threats.
Well given that Britain is the second largest military force in NATO after the US you'd think that we'd not need to hack it to find out what was going on.
The official line is that Snowden was just some basic contractor who was a network administrator but other sources that have done some digging seem to think he was one of the NSA's hired hackers contracted to attack other nation state's infrastructure.
Only it seems he turned on the NSA and hacked them instead, hence the access to all this data.
The problem is that the NSA was likely using the very algorithms and systems it had put backdoors into assuming that no one else would know about the backdoors so it wouldn't be problematic for them. It also meant that someone like Snowden who'd been informed of all the back doors he could use could exploit the same backdoors inside the NSA itself which would've made things trivial for him.
The US has placed way too much trust in it's staff but most importantly it's contractors for too long. It was first obvious with Manning, one might wonder why a near bottom of the ladder analyst sat in Iraq would have access to every diplomatic cable across the globe for example but for some reason he did.
They've had the balance between sharing of intel to allow analysts to make fast optimal decisions and keeping it secure wrong for a while now but that's not something that can be quickly fixed either. This likely stems from the post-9/11 expansion of the security services where all these new security agencies, contractors and staff were all demanding access to various bits of information so they just opened it up to everyone as it was the only way they could fulfil all the requests.