Belgacom, the largest telecoms company in Belgium, has announced today that its systems were hacked into, and that it found “an unknown virus in a number of units in [its] internal IT-system.”
Belgacom – which handles some of the undersea cables that carry voice and data traffic around the world – is naturally keen to reassure its customers, and its FAQ says that “thus far” it has found no evidence that users’ data or communications were impacted by the hack.
Has there been any damage for your customers?
No, thus far we have no indication of any impact on our customers or their data. The virus has only been detected in the internal computer system of Belgacom, not in its telecom network.
According to the telecom company’s official statement (quaintly titled “Belgacom takes actions related to IT security”, presumably in an attempt to make the story sound as un-sexy as possible), the unknown malware was found on “a few tens” of employee workstations. Dozens of employees worked over the weekend ensuring that affected systems were cleaned up.
So far, it doesn’t sound *that* worrying. Companies find malware on their computers all the time, and it sounds like they were able to clean up their systems without too much pain, although there remains a concern about what information might have been taken while the “unknown virus” was in place.
But wait a minute.
Some media reports, have tried to shed more light on the story, saying that well-informed sources have confirmed that Belgacom’s systems were bugged for more than two years, most probably by the USA or the United Kingdom’s GCHQ.
Could the hackers have been interested in BICS (Belgacom International Carrier Services), which provides wholesale carrier services around the world to wired and wireless operators, and service providers?
As Giga OM explains, if BICS had been compromised, it might help intelligence agencies to gather data on communications coming from the likes of Syria and Yemen.
Frankly, there’s not enough information available to put a convincing case together at the moment of NSA or GCHQ involvement in the hack. And it’s certainly not an avenue of discussion that Belgacom are likely to be comfortable travelling down.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.