British Spies Hacked Telecom Network by Luring Engineers to Fake LinkedIn Pages

[InfoSec News <alerts () infosecnews org>]

http://www.wired.com/threatlevel/2013/11/british-spies-hacked-telecom/

By Kim Zetter
Threat Level
Wired.com
11.11.13

British spies hacked into the routers and networks of a Belgian 
telecommunications company by tricking telecom engineers into clicking on 
malicious LinkedIn and Slashdot pages, according to documents released by 
NSA whistleblower Edward Snowden.

Once engineers with Belgacom clicked on the fake pages, malware was 
installed surreptitiously onto their machines, giving the spooks with 
Britain's GCHQ the ability to penetrate the internal networks of Belgacom 
and its subsidiary BICS.

The primary aim, reports the German newspaper der Spiegel, which obtained 
the documents, was to compromise the GRX router system that BICS 
controlled, in order to intercept mobile phone traffic that got 
transmitted by the router.

The elaborate scheme, dubbed "Operation Socialist," involved first 
identifying key telecom administrators and members of computer security 
teams who likely had access to sensitive parts of the Belgacom network. 
The spies then produced a dossier of the targets' email addresses, social 
networking accounts and online reading habits using open source 
information that the employees freely provided online.

[...]



--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/