GCHQ spoofed LinkedIn site to target global mobile traffic exchange and OPEC – report
The UK’s electronic spying agency has been using a spoof version of the LinkedIn professional social network's website to target global roaming data exchange companies as well as senior management in the OPEC oil cartel, according to a Der Spiegel report.
The Government Communications Headquarters has implemented a technique known as Quantum Insert, placing its servers in strategic spots where they could intercept and redirect target traffic to a fake website faster than the legitimate service
A similar technique was used earlier this year to inject malware into the systems of BICS, a subsidiary of Belgian state-owned telecommunications company Belgacom, which is another major GRX provider.
In the Belgacom scandal, it was at first unclear where the attacks were coming from. Then documents from Snowden’s collection revealed that the surveillance attack probably emanated from the British GCHQ – and that British intelligence had palmed off spyware on several Belgacom employees.
The Global Roaming Exchange (GRX) is a service which allows mobile data providers to exchange roaming traffic of their users with other providers. There are only a few dozen companies providing such services globally.
Now it turns out the GCHQ was also targeting networking, maintenance and security personnel of another two companies, Comfone and Mach, according to new leaks published in the German magazine by Laura Poitras, one of the few journalists believed to have access to all documents stolen by Snowden from the NSA.
Through the Quantum Insert method, GCHQ managed to infiltrate the systems of targeted Mach employees and successfully procured detailed knowledge of the company’s communications infrastructure, business, and personal information of several important figures.
A spokesman for ‘Starhome Mach’, a Mach-successor company, said it would launch “a comprehensive safety inspection with immediate effect.”
The Organization of Petroleum Exporting Countries was yet another target of the Quantum Insert attack, according to the report. According to a leaked document, it was in 2010 that GCHQ managed to infiltrate the computers of nine OPEC employees. The spying agency reportedly succeeded in penetrating the operating space of the OPEC Secretary-General and also managed to spy on the Saudi Arabian OPEC governor, the report suggests.
LinkedIn is currently the largest network for creating and maintaining business contacts. According to its own data the company has nearly 260 million registered users in more than 200 countries. When contacted by The Independent, a LinkedIn spokesman said that the company was “never told about this alleged activity” and it would “never approve of it, irrespective of what purpose it was used for.”
According to cryptographer and security expert Bruce Schneier, Quantum Insert attacks are hard for anyone except the NSA to execute, because for that one would need “to have a privileged position on the Internet backbone.”
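A defender's view of the race described above, as an added example that is not part of the original report: it assumes the legitimate server's reply still reaches the client after the injected one, so the client's capture shows two data segments claiming the same TCP sequence range with different content. The `Segment` record, the function name and all sample values are constructed for illustration, and sequence-number wraparound is not handled.

```python
from collections import defaultdict
from typing import NamedTuple

class Segment(NamedTuple):
    flow: tuple     # (src_ip, src_port, dst_ip, dst_port), server-to-client direction
    seq: int        # TCP sequence number of the first payload byte
    payload: bytes

def conflicting_overlaps(segments):
    """Return (flow, seq, earlier_bytes, later_bytes) for each pair of segments in a
    flow that cover the same sequence range but carry different data there."""
    seen = defaultdict(list)
    findings = []
    for seg in segments:
        if not seg.payload:
            continue                      # pure ACKs have nothing to compare
        end = seg.seq + len(seg.payload)
        for prev in seen[seg.flow]:
            lo = max(seg.seq, prev.seq)
            hi = min(end, prev.seq + len(prev.payload))
            if lo >= hi:
                continue                  # ranges do not overlap
            a = prev.payload[lo - prev.seq:hi - prev.seq]
            b = seg.payload[lo - seg.seq:hi - seg.seq]
            if a != b:                    # identical bytes = ordinary retransmission
                findings.append((seg.flow, lo, a, b))
        seen[seg.flow].append(seg)
    return findings

# Constructed sample traffic (documentation-range addresses, made-up payloads).
WEB = ("192.0.2.10", 80, "198.51.100.7", 51000)
OTHER = ("192.0.2.20", 80, "198.51.100.7", 51001)
SAMPLE = [
    Segment(WEB, 1000, b"HTTP/1.1 302 Found\r\nLocation: http://redirect.invalid/\r\n\r\n"),
    Segment(WEB, 1000, b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"),
    Segment(OTHER, 5000, b"abcdef"),
    Segment(OTHER, 5003, b"defghi"),     # benign partial retransmission
    Segment(OTHER, 5000, b"abcdef"),     # benign full retransmission
]

if __name__ == "__main__":
    for flow, seq, first, second in conflicting_overlaps(SAMPLE):
        print(f"{flow}: conflicting data at seq {seq}: {first[:20]!r} vs {second[:20]!r}")
```

Only the first flow is reported; the overlapping but byte-identical retransmissions in the second flow are treated as normal TCP behaviour.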
The latest details of GCHQ’s partnership with the NSA were revealed just last week, after reports emerged that GCHQ was feeding the NSA with internal information intercepted from Google and Yahoo’s private networks.
The UK intelligence leaders have recently been questioned by British lawmakers about their agencies’ close ties and cooperation with the NSA.
The head of GCHQ, Sir Ian Lobban, lashed out at the global media for the coverage of Edward Snowden’s leaks, claiming it has made it “far harder” for years to come to search for “needles and fragments of needles” in “an enormous hay field” of the Internet.
However, the intelligence chiefs failed to address public fears that Britain’s intelligence agencies are unaccountable and are operating outside the law.