GCHQ hijacked LinkedIn profiles to hack Belgian telecoms network – report

British spies intercepted LinkedIn profile pages and injected malware into them to ultimately infiltrate the networks of mobile operators and other telcos in Belgium. That's according to the latest round of documents leaked by master squealer Edward Snowden. German weekly Der Spiegel reported that when some engineers working …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    aaaaaaarrrgggggg

    Even though I'm posting anonymously I feel like GCHQ could own me if they wanted to.

    1. Anomalous Cowturd
      Black Helicopters

      Re: aaaaaaarrrgggggg

      They already do.

      You just aren't important enough to warrant doing anything about it.

      Yet...

      1. Anonymous Coward
        Anonymous Coward

        Re: aaaaaaarrrgggggg

        *Yet*

        If we upvote enough, does he become important enough? ;-)

  2. Anonymous Coward
    Anonymous Coward

    during the Arab Spring

    one of the evil dictators' 'CHQs slightly modified the javascript on Facebook, via an MiTM attack, such that all the user credentials were copied to the state. People were 404'ed. At least UK GCHQ is (currently) just going for the data.

  3. Bob Hoskins

    The headlines to come.....

    CESG / GCHQ CHECK scheme thoroughly corrupt and set up to spy on government departments and business alike.

    PGP pwned.

  4. Yet Another Anonymous coward Silver badge

    Heads will roll

    So now, in companies across Europe, LinkedIn is being added to corporate firewall blocked sites, along with Facebook.

    So GCHQ has damaged the share price of a US dot-net company - surely that's an act of terrorism?

    Will Cheltenham now be the subject of a US drone attack?

    1. Anonymous Coward
      Anonymous Coward

      Re: Heads will roll

      Will Cheltenham now be the subject of a US drone attack?

      They planned for that, hence the hole in the middle of the building...

      1. macole111

        Re: Heads will roll

        Surely they would need a hole at the edge?

      2. Jerky Jerk face

        Re: Heads will roll

        Which as we all know, stops planes and missiles just like the pentag..... oh wait never mind

    2. David 164

      Re: Heads will roll

      The US pay GCHQ at least a hundred million pounds a year, according to Snowden. I doubt even the US would want to see that investment go up in smoke. And GCHQ were providing help and services to most EU nations as well, even Germany.

      1. amanfromMars 1 Silver badge

        Rock and Roll Heads in Live Operational Virtual Environments be a Kin to Hippies of a Certain Age*

        The US pay GCHQ at least a hundred million pounds a year, according to Snowden. I doubt even the US would want to see that investment go up in smoke. And GCHQ were providing help and services to most EU nations as well, even Germany. .... David 164 Posted Monday 11th November 2013 22:27 GMT

        Methinks that investment is now considered to be far too light and an affronting piss-take and an upward adjustment to a cool $billion a year much more appropriate.

        And if info being shared is novel intelligence and stealthy and both simultaneously creatively and destructively disruptive and beta-testing advanced protocol encryption pools for zeroday vulnerability exploitation use and serious serial SCADA systems abuse with sterling reward for/from stirling type sublime intangible steganography, is IT raised into COSMIC $trillion mark€t places/spaces/virtual team terrain/SMARTR AI Territory .... and for which there is no known and readily available or possible defence.

        Such then makes its sterling stirling intelligence share an attack vector of quite unparalleled power and awesome control to command. And that be a most conservative appraisal and mega metadata base misunderestimation of ITs Potential in Current Para Political Fields and Ponzi Fiat Powering Schemes that Present Realities Today for Tomorrows Future Viewing and Experiencing.

        * Much easier to accept, one supposes, than having to admit and submit reports on an alien infiltration and makeover/foreign invasion and takeover, but to be proven wrong, with such reportings inevitable, will do no one positive and nothing instrumental in ensuring such assured changes, harm, for such be quite natural by virtue of its COSMIC IT Stealth and CyberIntelAIgent Virtual Phorm Design.

        AdAstral Park Doughnuts are a Delightful Confection quite beyond Earthy Earthly Compare, methinks.

  5. Anonymous Coward
    Anonymous Coward

    May + Hague say "It's legal because we say it's legal." and will expect everyone to stop talking about it.

  6. amanfromMars 1 Silver badge

    By hook or by crook are hooks and crooks always outed

    Snowden and Russia must then have the Blair/Bush communications which the Cabinet Office wonks are allegedly refusing to release to Chilcot, although the gist of them is hardly ever gonna be a surprise to everyone and a state secret which needs to be protected.

  7. Roland6 Silver badge

    Cloaked man-in-the-middle attack

    I can't help noticing that LinkedIn seems to only use SSL/https for user login, after that all traffic uses http - I wonder when they will change to full https. Whilst this may not prevent GCHQ et al from reading traffic, it would make in-flight modification more problematic.

    1. Anonymous Coward
      Anonymous Coward

      Re: Cloaked man-in-the-middle attack

      Explain to me why it would be required to hack that connection? US officials can simply walk through the front door and ask for the data.

      1. Roland6 Silver badge

        Re: Cloaked man-in-the-middle attack

        >Explain...

        GCHQ is in the UK, so can't just walk through the door, plus the claim made in Der Spiegel, is that GCHQ wanted access to systems within Belgacom not to their LinkedIn profiles...

        The Der Spiegel piece goes into more detail and gives a plausible technical explanation for why in-flight intercept and insertion would have been used for such activities - regardless of the agency behind it. Basically, they were doing "Quantum Inserts" on traffic from several websites (LinkedIn and Slashdot.org being explicitly named), to particular users.

      2. Anonymous Coward
        Anonymous Coward

        Re: Cloaked man-in-the-middle attack

        > US officials can simply walk through the front door and ask for the data.

        They can ask for the data. They can't (yet) ask for LinkedIn to amend their code to include spyware for specific users. Big difference.

        1. Yet Another Anonymous coward Silver badge

          Re: Cloaked man-in-the-middle attack

          >They can't (yet) ask for LinkedIn to amend their code to include spyware for specific users.

          Says who?

          Secret national security letter from a secret court tells you what to do - who you going to call?

          Isn't that pretty much what they wanted Lavabit to do?

  8. Anonymous Coward
    Unhappy

    And another internet services company takes a hit...

    Unfortunately, no matter what LinkedIn says, there's going to be a large number of the technically savvy who now believe that they are in bed with the greater Anglo-Saxon surveillance state.

  9. Anonymous Coward
    Anonymous Coward

    I hope LinkedIn and slashdot (they injected slashdot pages as well) sue.

    1. ed2020

      "I hope LinkedIn and slashdot (they injected slashdot pages as well) sue."

      So do I, but I can't help but think that, if they're successful, it's ultimately the British taxpayer who ends up footing the bill.

    2. Tom 35

      I expect they would just get a retroactive "get out of jail free" card like the US telephone companies caught providing mass intercept for the spies.

    3. NinjasFTW

      If nothing else, they should get the RIAA etc industries involved because GCHQ must have copied and used LinkedIn's content without permission.

      Wonder who would win? ;)

      1. Anonymous Coward
        Anonymous Coward

        Re: Wonder who would win? ;)

        That's easy: GCHQ/CIA. After all RIAA/MPAA are only front groups to gather money for their black ops.

  10. Anonymous Coward
    Anonymous Coward

    So...

    If the Belgian telecom can find a sample of the malware and show it has suffered harm from this attack, I'd say they'd have a good case to sue the UK government. Unlike the US government, who could probably just brush it off, the UK is part of Europe, so there is probably a legal route to extracting compensation from the UK.

    Just a thought.

    1. Roland6 Silver badge

      Re: So...

      You are assuming that relevant agencies in Belgium weren't aware of the 'attack'...

      Sometimes it is helpful to hone your tools and master your craft in a 'friendly' exercise before deploying them against a real target...

      1. YARR
        Flame

        'Friendly' ???!

        I don't call hacking into private individuals' or organisations' networks 'friendly', it's highly offensive and should be classified as a crime just as if anyone else attempted it. The innocent targets are perfectly 'real' as is the damage to their IT infrastructure.

        Revelations like these trash our national reputation in the eyes of other countries. To work in this division of GCHQ you must have to be somewhere between a prostitute and a contract killer in terms of moral depravity.

        Corrupt governments making secret agreements to spy on each other's citizens is a smokescreen for a global Big Brother state treating the public as criminals - it has nothing to do with our real national interest, and is in no one's interest except the tiny elite who control it.

        If they need to test out their technology on live targets they should do so legitimately by seeking permission from the target first. Probably via a front organisation, under a classified contract with financial compensation, and the support to fix the damage done by the attack.

        1. Roland6 Silver badge

          Re: 'Friendly' ???!

          Yarr, whilst I largely agree with your points, it is easy to jump to conclusions about these activities based on our own prejudices. My point was drawing attention to what we're not being told ie. what hasn't been published. For example, I've not seen a press statement from either Belgacom or the engineer that was contacted about the attack on them - so we don't actually know if Belgacom systems were compromised (this may happen now that some targeted companies are aware and investigating their systems).

          Whilst these agencies probably shouldn't be undertaking some of these activities, the Snowden disclosures are proving to be a mine of information about real world Internet insecurity beyond passwords and Windows security alerts...

    2. David 164

      Re: So...

      I doubt GCHQ would be stupid enough to leave a "copyrighted by GCHQ" in their code. Linking such malware back to the UK will be next to impossible. If GCHQ were feeling particularly sneaky I am sure they could have laid a false trail so that it looked like it was the Russians, Chinese or even the Israelis that were responsible for the malware and for subsequent hacks.

  11. Anonymous Coward
    Anonymous Coward

    http://it.slashdot.org/story/13/11/11/157238/british-intelligence-responds-to-slashdot-about-man-in-middle-attack

    1. as2003

      Am I going to get hacked if I click that link?

      Do you work for NSA/GCHQ?

    2. Anonymous Coward
      Anonymous Coward

      British Intelligence?

      Isn't that a contradiction in terms?

      1. Potemkine Silver badge

        Re: British Intelligence?

        "military intelligence" is.

    3. Sir Runcible Spoon
      Holmes

      Sir

      The /. post (response from GCHQ) contained the following phrase...

      "and that there is rigorous oversight, including from the Secretary of State"

      I was under the impression that here in the UK, a Secretary of State is basically a member of the cabinet (i.e. head of a department) as such there is no the.

      However, in the USA there is a single entity holding that position, so could correctly be referred to as the.

      I will leave the conclusion as an exercise for the reader.

      1. Anonymous Coward
        Anonymous Coward

        Re: Sir

        Surely in this case the Secretary of State is correct, as in the Secretary of State for Foreign and Commonwealth Affairs?

        1. Sir Runcible Spoon

          Re: Sir

          You could infer that, but it isn't stated.

          Also, what's the foreign affairs secretary doing overseeing wholesale spying on the home population, surely that would fall under the remit of the Home Secretary?

          Do you see why the distinction is important AC?

          1. Roj Blake Silver badge

            Re: Sir

            GCHQ's official purpose is to intercept foreign communications, therefore it answers to the FO.

            When it spies on Britons it does so unofficially.

            1. Sir Runcible Spoon

              @Roj Blake

              +1 for the subversive reference in your handle

  12. i like crisps
    Big Brother

    Blabbermouth...Squealer...tsk tsk tsk.

    You've done it again !!

  13. John Smith 19 Gold badge
    Gimp

    Because as we all know Belgium Telecom is *full* of terrorists

    Oh wait, it was just one of the telcos that GCHQ had not got round to accessing yet.

    It seems there is no way to muzzle the data fetishists of GCHQ.

    I will note that this is pretty poor security on both LinkedIn and Slashdot unless GCHQ had actually spoofed the page and it was not from them at all.

    1. BlueGreen

      Re: Because as we all know Belgium Telecom is *full* of terrorists

      > I will note that this is pretty poor security on both LinkedIn and Slashdot

      then roll your own. Disable jscript in the browser.

      And run as user not admin while you're at it.

  14. Anonymous Coward
    Anonymous Coward

    Mad in the middle detection

    Can't a web page create a checksum, which would indicate whether a man in the middle attack has happened? Of course such an attack could also create its own checksum. Would a secure connection prevent this?

    1. Anonymous Coward
      Anonymous Coward

      Re: Mad in the middle detection

      There is one way to create a 'checksum' that would be resistant to tampering. And that is to send the absolute minimum data (in information theory terms) required to achieve the purpose of the website. Anything more, and the site must have been tampered with. An added benefit is no ads. Win-win, I think.
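The question raised in this sub-thread (can a checksum shipped with the page reveal in-flight modification, and does a secure connection change that), worked through as an added example that is not part of any comment above. The function names and the sample page are constructed for illustration, and an HMAC under a random shared key stands in for the integrity protection of a secure connection (real TLS derives its keys from the authenticated handshake and uses AEAD ciphers).

```python
import hashlib
import hmac
import os

# Constructed sample page; all function names here are hypothetical.
PAGE = b"<html><body>profile page</body></html>"

def sha256_hex(data: bytes) -> str:
    """Unkeyed checksum: anyone who can see the data can compute it."""
    return hashlib.sha256(data).hexdigest()

def mac_hex(key: bytes, data: bytes) -> str:
    """Keyed integrity tag: computing it requires the shared key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def modify_in_transit(body: bytes) -> tuple[bytes, str]:
    """Model of an on-path party without the session key: it changes the
    body and recomputes the only integrity value it can, an unkeyed hash."""
    changed = body.replace(b"</body>", b"<!-- altered in transit --></body>")
    return changed, sha256_hex(changed)

def client_accepts_checksum(body: bytes, checksum: str) -> bool:
    return hmac.compare_digest(sha256_hex(body), checksum)

def client_accepts_mac(key: bytes, body: bytes, tag: str) -> bool:
    return hmac.compare_digest(mac_hex(key, body), tag)

def run_demo() -> dict:
    key = os.urandom(32)  # assumption: known only to server and client
    checksum, tag = sha256_hex(PAGE), mac_hex(key, PAGE)
    changed, recomputed = modify_in_transit(PAGE)
    return {
        # In-band checksum: the altered page passes with a recomputed checksum.
        "checksum_clean": client_accepts_checksum(PAGE, checksum),
        "checksum_changed": client_accepts_checksum(changed, recomputed),
        # Keyed tag: neither the stale tag nor an unkeyed hash verifies.
        "mac_clean": client_accepts_mac(key, PAGE, tag),
        "mac_changed_old_tag": client_accepts_mac(key, changed, tag),
        "mac_changed_new_hash": client_accepts_mac(key, changed, recomputed),
    }

if __name__ == "__main__":
    for name, accepted in run_demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The keyed check only helps if the key exchange itself is authenticated, which is the job of the server certificate in HTTPS.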

  15. dssf

    I better not brag of having friends among the Xindi...

    Otherwise, I'd have to ask Silik and Daniels to return me some favors in this timeline.

    ----

    Anyway, now, these cretins in these organizations will just willy-nilly cause just about anyone to distrust everyone else with all their cracking.

    Maybe even employers that are SMART will just start firing their best sysadmins randomly, changing out their equipment randomly, and, if even SMARTER, collect forensics and IMMEDIATELY publish the suspected code. Maybe world tech companies will go Open Source due to gov spying. Po-li-tic justice? We'll see.

    When will it end?

    1. cracked

      When will it end?

      It won't.

      Not while you (and me ... and everyone else) are paying them to worry about everyone else. And you are paying them to worry about everyone else, aren't you?

  16. taxman

    LinkedIn?

    Sorry. Is this some sort of important software tool? Or software used by tools?

  17. Miek
    Big Brother

    GCHQ, if what you were doing were legal, you wouldn't have had to use malware to do it.

  18. Sir Runcible Spoon
    Coat

    What about BT?

    In order to tap UK comms wholesale, you only have to look for the wholesale provider of comms in the UK.

    Do GCHQ have the right to demand access from a private company in the UK? And if so, what kind of legal position does that leave BT in?*

    *Based on previous reports of abuse of this type, any complaints to the paid security force Police will just get buried. *cough*phorm*cough*

    Who's that rifling through my coat pockets? --->

    1. amanfromMars 1 Silver badge

      Re: What about BT? Answer: Up to their neck in IT but whether swimming or floundering, who knows

      We appear to be on not too dissimilar wavelengths and singing similar tunes, Sir Runcible Spoon, and quite possibly or even probably have access to like hymn books, for BT is not able to paint itself a virgin innocent in all that stealth and spookery conspires and aspires to achieve. Indeed, to consider itself as anything other than a leading player and conniving assisting component which be quite elemental and fundamental to UKGBNI Great Games Plays, is pure delusion squared and totally unnecessary in intelligent intelligence community circles …. Per Ardua ad Astra MetaDataBases/Virtual Space Campuses and all that jizz and jazz/hocus pocus.

      And as for YARR’s 'Friendly' ???! outburst of righteous virtuous indignation …. Posted Monday 11th November 2013 21:46 GMT ….. well, whoever/whatever does he imagine systems are confronted by and with today for Command and Control of Tomorrow, which be always the COSMIC Prize that Surprises?

      Although to be perfectly fair, he/she/it does not fail to identify the ilk to a pretty certain and quite accurate degree in the post with this diamond gem of a gold nugget …..

      Revelations like these trash our national reputation in the eyes of other countries. To work in this division of GCHQ you must have to be somewhere between a prostitute and a contract killer in terms of moral depravity.

      Hookers and psychos rule in all of the best and worst of spaces and places, and aint that the GOD honest truth. :-)

  19. Potemkine Silver badge

    Perfidious Albion

    With friends like the UK, who needs enemies?

  20. Anonymous Coward
    Anonymous Coward

    The FIX: ENIGMA-Style Cryptography

    See scherbius2014.de

    And before you call it "retro", please tell me how you plan to defeat the malware they have written for your USB memory stick controller. That little thing with 100kloc of C code and 137 zero-days we have never heard of. And the corresponding bag of fleas that is the USB controller talking to the USB memory stick.
