Did the NSA and GCHQ hack this cryptography professor’s PC?

Jean-Jacques QuisquaterBelgian cryptographer Jean-Jacques Quisquater is in the spotlight, after reports were published this weekend claiming that his PC might have been hacked by the United States National Security Agency or Britain’s GCHQ.

According to local media reports, the internationally-renowned expert’s computer was compromised, in a case that has been linked to GCHQ’s successful infection with spyware of Belgium’s leading telecoms company, Belgacom.

“The Belgian federal police (FCCU) sent me a warning about this attack and did the analysis,” Quisquater told Giga Om reporter David Meyer via email, but admitted he did not know the purpose of the hack. “We don’t know. There are many hypotheses (about 12 or 15) but it is certainly an industrial espionage plus a surveillance of people working about civilian cryptography.”

Quisquater, a professor at the Université catholique de Louvain, told Meyer that his computer was infected approximately six months ago, by a variant of the MiniDuke malware.

Malicious PDFIn February 2013, security firm Kaspersky reported how they had seen the MiniDuke malware attacks exploiting a zero-day Adobe Reader vulnerability, opening backdoors for remote hackers to gain access to infected computers.

At the time, researchers said they were seeing boobytrapped PDF files distributed, disguised as content related to human rights seminars, Ukraine’s foreign policy, and NATO membership plans.

Putting two and two together, it wasn’t hard to speculate that MiniDuke was being used for state-sponsored espionage.

Questions will surely be asked as to whether GCHQ and NSA were really involved in a hack against a private citizen, engaged in cryptography research. A man who, one presumes, the authorities have no reason to believe is involved in terrorist activity.

And, lets not forget, Jean-Jacques Quisquater is based in Belgium, a friendly EU partner of the United Kingdom.

It seems clear to me that anyone working in cryptography research now needs to consider themselves a potential target for state-sponsored cyber-attack, even from countries who you might consider to be on the same side as you.

Via: Giga Om.

Tags: , , , , , , , ,


, , , , , , , ,

No comments yet.

Leave a Reply

XSLT by CarLake