Belgacom, Belgium's largest telecommunications firm, has reported that its network has been compromised and the NSA is a leading suspect Belgacom, Belgium’s largest telecommunications firm, has filed a complaint with the nation’s federal prosecutor, after their IT teams detected several indicators of compromise on the company’s network.In a statement, Belgacom says that they’ve filed a complaint with the Belgium federal prosecutor’s office against an “unknown third-party” after internal security checks detected several indicators of compromise on dozens of systems.“During a thorough investigation of traces of a digital intrusion, we discovered an unknown virus in a number of units in our internal IT-system. In order to eliminate this virus effectively, we decided to clean up the entire system,” the statement explained.The virus detected was located outside of Belgacom’s telecom network, on the internal systems, “at no point in time has the delivery of our telecommunication services been compromised,” the statement added. Taken at face value, Belgacom’s statement is overly generic and doesn’t really get into any real details. Direct questions to the firm result in referrals to the statement, or the prosecutor’s office, which will not disclose data related to an ongoing case.However, sources have told local media (De Standaard) that at least two years worth international phone traffic was compromised by the discovered malware. In a press conference, Belgacom said that they had no idea how long the malware was present on their network, but deflected more direct questions. Citing well-informed sources, another local report (NRC.nl) said that the attackers — likely the NSA or Britain’s GCHQ — were focused on Belgacom’s International Carrier Services, a support service that delvers traffic between Swisscom and South Africa’s MTN, which is also one of the largest service providers in Africa and the Middle East.If true, then these allegations align with what’s been publically reported about the Tempora program ran by the GCHQ.During the press conference, Jean-Pascal Labille, the Minister of Public Enterprises and Development, when asked to speculate on if a foreign government was involved, deferred to the courts on the matter.“It is up to the court to do its job. Once the perpetrators are identified, we will respond appropriately, I assure you,” he said. Related content news Okta launches Cybersecurity Workforce Development Initiative New philanthropic and educational grants aim to advance inclusive pathways into cybersecurity and technology careers. By Michael Hill Oct 04, 2023 3 mins IT Skills Careers Security news New critical AI vulnerabilities in TorchServe put thousands of AI models at risk The vulnerabilities can completely compromise the AI infrastructure of the world’s biggest businesses, Oligo Security said. By Shweta Sharma Oct 04, 2023 4 mins Vulnerabilities news ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code NCC Group report claims machine learning models show strong promise in detecting novel zero-day attacks. By Michael Hill Oct 04, 2023 3 mins DevSecOps Generative AI Vulnerabilities news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe