14 DAY TRIAL // The GCHQ went to new lengths to get its hands on information coming from internal networks of communications and billing companies by using a fake copy of LinkedIn.
The spy agency was seeking a way to infiltrate the Belgacom internal network and that of BICS, its subsidiary. Employees of these companies simply had to pull up their LinkedIn profiles, with pages looking the same as always. There was one thing different, however, a small piece of malware that swiftly turned their computers over to the GCHQ.
Furthermore, by hacking into BICS, the GCHQ got access to the GRX router system, which is required when people use their phones to make calls or go online while abroad. Der Spiegel points out that British spies have been hard at work for years to build up a system that enabled them to transform every mobile phone into a monitoring tool that can be activated at any time.
The latest detail comes from German publication Der Spiegel, who bases the article on files leaked by Edward Snowden. It seems that a group inside the intelligence agency, called MyNOC (My Network Operations Centre) and which specializes in infiltrating foreign networks, is responsible for the breach.
LinkedIn wasn’t the only way the GCHQ was targeting Belgacom employees, but also Slashdot.org, a popular news site. The computers affected enabled GCHQ to infiltrate the company’s internal network.
In the GCHQ presentation, it is revealed that Belgacom isn’t the only target, but also other companies. One of them is Comfone, a Swiss company, while the other is Mach, which has since split into Syniverse and Starhome Mach.
To see the extent of the operation, an example is given. A Mach computer expert working from India was listed as a target of the intelligence agency. The files include his Skype username, Gmail account and profile on a social network. The GHCQ even got access to his cookies, identified IP addresses he uses to go online for work or personal use.