NSA, GCHQ allegedly created fake LinkedIn page to hack Belgian professor
By End the Lie
The Belgian federal prosecutor is reportedly investigating the alleged hacking of cryptography professor Jean-Jacques Quisquater via a fake LinkedIn page by the NSA and GCHQ.
Read our latest articles: “Canadian government official denies surveillance reports, calls Greenwald a ‘porn spy’” and “EFF, ACLU sue police agencies for information on automatic license plate readers”
The hacking of Quisquater was revealed in the process of investigating the hacking of Belgacom, a Belgian telecom corporation, which was carried out by GCHQ according to Edward Snowden’s leaks.
The hack of Belgacom was reportedly first discovered in September 2013 and involved GCHQ injecting malware onto the firm’s network to tap telephone and data traffic.
Quisquater, a professor at Université catholique de Louvain, was reportedly targeted by the same attack used on Belgacom.
The technique, called a “quantum insert,” tricked him into believing he was responding to a request on a legitimate LinkedIn page. In reality, he was visiting a fake page that placed malware onto his system.
“The Belgian federal police (FCCU) sent me a warning about this attack and did the analysis,” Quisquater said to David Meyer of GigaOm via e-mail.
The purpose of the sophisticated attack remains unclear.
“We don’t know. There are many hypotheses (about 12 or 15) but it is certainly an industrial espionage plus a surveillance of people working about civilian cryptography,” Quisquater said.
Quisquater said that the malware on his system is related to the “MiniDuke” malware discovered in February of 2013.
Quisquater told De Standaard (Google translation available here) that he believes the hacking was recent and that he was not the only one who was targeted by American and British intelligence agencies.
The earlier De Standaard report stated that the infection was about six months old. The paper noted that it is interesting for such a well-known cryptography professor to be targeted.
Given the NSA and GCHQ’s interest in undermining civilian cryptography, the targeting of Quisquater, if true, wouldn’t be all that shocking.
Last year, it was reported that GCHQ works closely with major European spy agencies for surveillance purposes. It was also reported that the NSA paid influential security company RSA $10 million, apparently to weaken encryption standards.
The National Institute of Standards and Technology (NIST) denied reports published last year based on Snowden leaks alleging that the group changed encryption standards to make them easier for the NSA to crack.
In early January it was reported that the NSA is working on a “quantum computer” capable of cracking nearly all forms of encryption at unimaginable speeds.
At this point, the allegations remain to be proven. Most of the stories currently published on this attack are not in English.
We would love to hear your opinion, take a look at your story tips and even your original writing if you would like to get it published. Please email us at [email protected]