
How UK Spies Hacked a European Ally and Got Away with It - DyslexicAtheist
https://theintercept.com/2018/02/17/gchq-belgacom-investigation-europe-hack/
======
317070
It gets even better: Europol flat out refused to help in the investigation [1]

> However, Europol wanted nothing to do with the investigation and refused to
> assist, according to two sources familiar with the interaction. Europol
> asserted that it would not carry out investigations into other European
> Union member states – in this case, the U.K. The Belgians were frustrated
> and believed Europol had stonewalled them for political reasons; they noted
> with suspicion that the organization was led by Rob Wainwright, who is
> British.

I mean, what are we doing here? How can Europol so blatantly refuse a case?
Isn't that a clear violation of the trias politica?

[1] [https://translate.google.com/translate?sl=auto&tl=en&js=y&pr...](https://translate.google.com/translate?sl=auto&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=https%3A%2F%2Fwww.demorgen.be%2Fnieuws%2Feuropol-weigerde-belgie-te-helpen-na-britse-spionage-bij-telecombedrijf-belgacom-b672662a%2F&edit-text=&act=url)

~~~
stupidcar
Europol as an organisation has no power to act on its own, it relies on the
co-operation of the EU member states, and needs permission from the relevant
national authorities to conduct investigations and arrest suspects. Regardless
of the nationality of its leader, it can't realistically investigate British
suspects if the British won't co-operate, and there's no prospect of them
doing that here.

Furthermore, _all_ large countries, like Britain, France and Germany, engage
in this kind of espionage against "friendly" countries, and none of them want
an agency like Europol getting involved, because then they would reduce their
co-operation with it, and that would harm the fight against organised crime
and terrorism.

Basically, when it comes to a supranational organisation like Europol, real
separation of powers is impossible, because there's _always_ a political
calculus involved in a collaboration between sovereign countries with
occasionally competing interests.

~~~
Zak
> _Furthermore, all large countries, like Britain, France and Germany, engage
> in this kind of espionage against "friendly" countries_

Why is this tolerated? Is it, perhaps, that surveillance a country cannot
legally conduct internally is conducted by its "friends", sometimes resulting
in relevant information being shared with its own intelligence services?

~~~
mc32
What are they supposed to do, declare war on each other? Spying isn't a new
craft. It's also arguably necessary given inter-national opaqueness on certain
issues.

Knowing what motivates your neighbors allows you to navigate the relationships
better

~~~
Zak
Some options that aren't war include:

* Make a very public stink about it. Publicize exactly what was done, how and who was involved. Attempt to attract the interest of the media in the hope that the electorate of the country in question will find spying on allies objectionable.

* Raise the issue with the EU parliament or possibly the UN. This may not have hard consequences, but officials having to answer for the behavior of their spy agencies can put pressure on those spy agencies.

* Use any of the many cooperative agreements between the countries in question as leverage to demand action against the officials who authorized the spying, evidence that it won't happen again, or compensation.

Of course, all of these have potential downsides, and I've ordered them from
what I think is low risk to higher risk. The fact that the usual result is a
quiet diplomatic protest and sweeping the event under the rug suggests that
governments think this kind of spying is acceptable, and the only problem is
getting caught.

------
pbhjpbhj
> Aside from Belgacom, the agency has broken into the computer systems of the
> oil production organization OPEC; the Netherlands-based security company
> Gemalto; and organizations that process international cellphone billing
> records, including Switzerland’s Comfone. //

In theory any of these countries could surely just issue an arrest warrant for
the head of GCHQ and order their extradition.

In view of that it seems there's some other aspect preventing such actions --
like blackmail by GCHQ. Or controlling powers in Belgian security being in
part responsible.

Anyway, I wonder how much of this shit the Belgian public will put up with
post Brexit.

It still seems illegal under UK law -- these things do show how the powers
that be have no respect for the authority of the rule of law, that our
democracy is only allowed inasmuch as it doesn't interfere with their plans.

~~~
Tharkun
The Belgian public neither knows nor cares. The press should have made a fuss
but didn't. I remember a couple of very short articles about it, which kind of
sort of maybe said the British might have potentially but not likely been
involved.

Belgium was designed to be a toothless and spineless state by the UK, France &
Germany, and it's playing its part wonderfully.

~~~
jacquesm
> Belgium was designed to be a toothless and spineless state by the UK, France
> & Germany, and it's playing its part wonderfully.

Belgium is in its own way more often than not, which is a pity because with
Brussels the de-facto capital of Europe the potential to become a regional
power-house is definitely there. But Belgian politics, the language divide and
a surprisingly large amount of corruption (a bit better than France but
substantially worse than Germany and NL) do not help.

~~~
Tharkun
I can't really speak for large scale corruption, but small scale corruption
and "bending the rules" is pretty much the only way anything gets done around
here..

------
jsiepkes
What is also quite interesting is that this (at least partially) came to light
because of the NSA breach. Couple of months ago we had Trump blabbing his mouth
about the Dutch hacking the Russians. I wonder how much all this loosing of
secrets affects the standing of the US in the intelligence community.

------
jarym
First, it strikes me as obvious that if the Brits did this then it would have
had to have been with the blessing of their peers in Belgium.

No senior GCHQ officer is going to sign off in a cyber hack of an ally unless
they had a really good reason and had covered their own ass.

But if they’d really been freewheeling then it amazes me just how much
impunity state apparatus can act with - what hope has an ordinary individual
or private company got of protecting themselves and seeking redress through
the courts?

~~~
hutzlibu
"No senior GCHQ officer is going to sign off in a cyber hack of an ally unless
they had a really good reason and had covered their own ass."

good reason: much more information

Covering: was very good, only because of Snowden it got linked to the UK

So even though it might be possible, that Belgium was in it on high level (you
hack, but we get data conveniently without legal issues), it is also very
possible, that they went for it without saying anything.

------
eecc
I’m starting to distrust the current security model of all major operating
systems. Assuming a safe CPU - and that’s a big one already - I’d like a
system where any random app does not have unfettered access to any user file,
where individual files can be classified and restricted from being accessed by
processes with network capabilities and so on. Android permissions are a
start.

This and browsers should really just execute in their own externally managed
sandbox

~~~
luch
You should take a look at QubesOS:
[https://www.qubes-os.org](https://www.qubes-os.org). Each application starts
in a VM in order to isolate them from each other.

The only issue is that QubesOS relies on paravirtualization (it's a Xen
hypervisor underneath) for process isolation.

(By the way Windows is taking the same path with ApplicationGuard)

~~~
madez
I think Qubes' approach should be the default. There is no valid reason for so
many permissions by default. The current default for example on Debian is
crazy! Any user can read the home directory of any other user by default! If
somebody would have told me that before knowing it, I would have considered
it a bad joke. I can't fathom why it's not changed.

However, Qubes can't protect against malicious hardware. I see no way around
it, we must have hardware with completely open sources.

------
fimdomeio
I would love to know what plans does the eu have to stop routing so much
internet traffic via the uk once brexit effectively takes place.

------
nickcox
The article doesn't seem to touch on the motivation for the attack. (Perhaps
it's taken to be obvious.) Why would the British government want to do this?

~~~
toyg
The main motivation is that Bruxelles is in Belgium. The US / UK / “Five Eyes”
security apparatus takes the EU more seriously than most EU members
themselves. Among other things, they really don’t want for anything like “an
European integrated army” to emerge as an alternative to Nato.

And the second motivation is that they can. The pre-Snowden speculation was
that all major European carriers are targets for NSA and friends, and the
Snowden files basically reinforced that view. The question is not “why should
they spy on their allies”, everyone has always done that; the question is the
degree of success that any given player achieves and what they do with the
info they gather. In this case, it looks like the operation was a great
success, followed by huge failure (it was burnt to the ground).

------
stevew20
This type of behavior is actually extremely commonplace. These are the ones
that were sloppy enough to get caught...

------
kylell
How can you get infected by just visiting a fake website, were they on
windows, are we doing such a poor job, we like to brag with nice titles,
architect etc, but the industry is quite shit, if you can get infected just by
visiting a site.

~~~
petepete
"After installing malware on the engineers’ computers by luring them to a fake
version of the LinkedIn website, GCHQ was able to steal their keys to the
secure parts of Belgacom’s networks and begin monitoring the data flowing
across them. "

FFS.

~~~
chatmasta
The computers of engineers are great targets for hacking. Dozens of package
managers across languages and operating systems, as well as GitHub, provide
easy vectors for getting complex code to execute on the computer of the dev. Devs
are used to running code from the terminal, and typically have many
interesting files in their file systems that could assist with lateral
movement or even lead to compromising of the build system (!!)

Despite this, devs are still generally very cavalier about running code from
the internet on their machines. Often times they have no choice of security
mitigations because their package manager is compromised by flaws in its
design.

------
scdthrowrgjir
Hmm seems like Belgacom has had several visits from the NSA and/or GCHQ. The
most likely reason for these friendly visits is that Belgacom managed (manages?)
a couple of submarine cables in the middle east and north Africa. It's public
knowledge that either the NSA or GCHQ had infected their core
routers/switches.

When that story first came to light, what they didn't tell you is that the NSA
was also in Deutsche bank and several other financial institutions. Perhaps
they still are.

