Belgacom, the largest telecoms company in Belgium, has announced today that its systems were hacked into, and that it found “an unknown virus in a number of units in [its] internal IT-system.”
Belgacom – which handles some of the undersea cables that carry voice and data traffic around the world – is naturally keen to reassure its customers, and its FAQ says that “thus far” it has found no evidence that users’ data or communications were impacted by the hack.
Has there been any damage for your customers?
No, thus far we have no indication of any impact on our customers or their data. The virus has only been detected in the internal computer system of Belgacom, not in its telecom network.
According to the telecom company’s official statement (quaintly titled “Belgacom takes actions related to IT security”, presumably in an attempt to make the story sound as un-sexy as possible), the unknown malware was found on “a few tens” of employee workstations. Dozens of employees worked over the weekend ensuring that affected systems were cleaned up.
So far, it doesn’t sound *that* worrying. Companies find malware on their computers all the time, and it sounds like they were able to clean up their systems without too much pain, although there remains a concern about what information might have been taken while the “unknown virus” was in place.
But wait a minute.
Some media reports have tried to shed more light on the story, saying that well-informed sources have confirmed that Belgacom’s systems were bugged for more than two years, most probably by the USA or the United Kingdom’s GCHQ.
Could the hackers have been interested in BICS (Belgacom International Carrier Services), which provides wholesale carrier services around the world to wired and wireless operators, and service providers?
As GigaOM explains, if BICS had been compromised, it might help intelligence agencies to gather data on communications coming from the likes of Syria and Yemen.
Frankly, there’s not enough information available at the moment to put together a convincing case for NSA or GCHQ involvement in the hack. And it’s certainly not an avenue of discussion that Belgacom are likely to be comfortable travelling down.
Come on Graham – don't feed into the FUD of the NSA/GCHQ flames. Occam's razor is probably applicable here, and the most simple answer is that malware has been persistent on the machines (like probably everywhere else) and it needs to be cleared up – UNTIL such time as we have evidence to the contrary we shouldn't treat this as an international conspiracy without hard evidence.
// @Wh1t3Rabbit