NSA suspected in IT intrusion at Belgium's largest telecom

Belgacom, Belgium's largest telecommunications firm, has reported that its network has been compromised and the NSA is a leading suspect

Belgacom, Belgium's largest telecommunications firm, has filed a complaint with the nation's federal prosecutor, after their IT teams detected several indicators of compromise on the company's network.

In a statement, Belgacom says that they've filed a complaint with the Belgium federal prosecutor's office against an "unknown third-party" after internal security checks detected several indicators of compromise on dozens of systems.

"During a thorough investigation of traces of a digital intrusion, we discovered an unknown virus in a number of units in our internal IT-system. In order to eliminate this virus effectively, we decided to clean up the entire system," the statement explained.

The virus detected was located outside of Belgacom's telecom network, on the internal systems, "at no point in time has the delivery of our telecommunication services been compromised," the statement added.

Taken at face value, Belgacom's statement is overly generic and doesn't really get into any real details. Direct questions to the firm result in referrals to the statement, or the prosecutor's office, which will not disclose data related to an ongoing case.

However, sources have told local media (De Standaard) that at least two years worth international phone traffic was compromised by the discovered malware. In a press conference, Belgacom said that they had no idea how long the malware was present on their network, but deflected more direct questions.

Citing well-informed sources, another local report (NRC.nl) said that the attackers — likely the NSA or Britain's GCHQ — were focused on Belgacom's International Carrier Services, a support service that delvers traffic between Swisscom and South Africa's MTN, which is also one of the largest service providers in Africa and the Middle East.

If true, then these allegations align with what's been publically reported about the Tempora program ran by the GCHQ.

During the press conference, Jean-Pascal Labille, the Minister of Public Enterprises and Development, when asked to speculate on if a foreign government was involved, deferred to the courts on the matter.

"It is up to the court to do its job. Once the perpetrators are identified, we will respond appropriately, I assure you," he said.

Insider: How a good CSO confronts inevitable bad news
Join the discussion
Be the first to comment on this article. Our Commenting Policies