Operation Socialist Explained

Operation Socialist is the code name given by the British signals and communications agency Government Communications Headquarters (GCHQ) to an operation in which GCHQ successfully breached the infrastructure of the Belgian telecommunications company Belgacom between 2010 and 2013.[1] The operation's existence was first revealed in documents leaked by the former National Security Agency contractor Edward Snowden.

Objectives and methods

GCHQ used a method called Quantum Insert attack[2] embedded in fake LinkedIn pages targeting Belgacom engineers.[3] The breach was conducted under the code name 'OP Socialist'. The main target of the clandestine infiltration was to gain access to Belgacom's GRX Operator to enable GCHQ to obtain roaming data for mobile devices and execute what is generally referred to as Man-in-the-middle attack against targets.

When the first anomalies were detected in 2012, Belgacom's security team were unable to identify their cause.[4] [5] Only in 2013 malware disguised as legitimate Microsoft software had been identified as the source of problems.

According to the leaked documents GCHQ probed Belgacom's infrastructure for years.[6] According to the leaked documents 'Operation Socialist' has been qualified by the head of the GCHQ's Network Analysis Centre as a success.

Reaction

Snowden subsequently described Operation Socialist as the "first documented example to show one EU member state mounting a cyber attack on another".[7]

Notes and References

  1. Web site: Gallagher. Ryan. The Inside Story of How British Spies Hacked Belgium's Largest Telcom. firstlook.org. 13 December 2014 . 9 April 2015.
  2. News: Britain's GCHQ Hacked Belgian Telecoms Firm. 20 September 2013. Der Spiegel.
  3. News: Quantum Spying: GCHQ Used Fake LinkedIn Pages to Target Engineers. 11 November 2013. Der Spiegel.
  4. News: Lees hier hoe de Britse geheime dienst GCHQ Belgacom aanviel. NRC. NL.
  5. News: Britse geheime dienst bespioneerde jarenlang Belgacom-klanten. De Standaard.
  6. Web site: How GCHQ hacked Belgacom. 11 November 2013. www.infosecurity-magazine.com.
  7. Web site: GCHQ hacked Belgium's largest telecom service. 16 December 2014. IT Pro Portal.