According to Fabrice Clement, Belgacom's (Belgium's national telecom operator) head of security and information management, the attack "Operation Socialist" by GCHQ on Belgacom costs the company 19 million US dollars.





The attack was revealed by a German newspaper which published the leaked documents from NSA whistleblower Edward Snowden.





Operation Socialist

Britain's security agency, GCHQ implemented a man in the middle attack on Belgacom's International Carrier Services which intercepted and redirect the web traffic of targets to a fake linkedin page.





The fake linkedin page then installed a dropper on target's machine which assembled the malware based on many small pieces of software hidden in dozens of databases.The dropper then installed the malware and erased its tracks. The malware was additionally encrypted, at different levels. The encryption was unique and specific for each infected system. Then GCHQ attackers reportedly gained access to Balgacom's internet corporate network.





How Many Affected ?

A total of 124 systems, including email and SharePoint servers, were infected and some 26,000 PCs and workstations.





Fabrice Clement said "The attack was extremely sophisticated. It was clearly a new generation of malware that previously had never been established. It was also very well hidden"





"The volume of traffic was extremely low - only a few kilobytes. The malware was clearly not designed to intercept data in bulk. They were not out to copy databases. It was very specific information... But what exactly? We have no indication about that. The investigation is still ongoing," he added.