GCHQ spoofed LinkedIn site to target global mobile traffic exchange and OPEC – report

Published time: November 11, 2013 00:23    Edited time: November 11, 2013 01:05

Satellite dishes are seen at GCHQ's outpost at Bude, close to where trans-Atlantic fibre-optic cables come ashore in Cornwall, southwest England (Reuters/Kieran Doherty)

The UK’s electronic spying agency has been using a spoofed version of the LinkedIn professional social network’s website to target global roaming data exchange companies as well as top management employees in the OPEC oil cartel, according to a Der Spiegel report.

The Government Communications Headquarters has implemented a technique known as Quantum Insert, placing its servers in strategic spots where they could intercept and redirect target traffic to a fake website faster than the legitimate service could respond.
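The race described above leaves a trace a defender can look for. The following is an added example, not part of the original report: it assumes the faster response and the legitimate one both reach the client as TCP data claiming the same sequence range of one connection, and the record layout, function name and sample values are constructed for illustration.

```python
from collections import defaultdict

# Constructed capture records (server-to-client direction only), not real traffic:
# (src, sport, dst, dport, tcp_seq, ip_ttl, payload). Addresses use documentation ranges.
SAMPLE = [
    # Flow A: two different responses claim the same sequence range.
    ("203.0.113.10", 80, "198.51.100.7", 51000, 1000, 58,
     b"HTTP/1.1 302 Found\r\nLocation: http://redirect.example/\r\n\r\n"),
    ("203.0.113.10", 80, "198.51.100.7", 51000, 1000, 47,
     b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"),
    # Flow B: benign retransmission, same bytes re-sent with different segmentation.
    ("203.0.113.10", 80, "198.51.100.8", 52000, 5000, 47, b"HTTP/1.1 200 OK\r\n"),
    ("203.0.113.10", 80, "198.51.100.8", 52000, 5009, 47, b"200 OK\r\n"),
]


def find_conflicting_segments(records):
    """Flag segments whose bytes disagree with data already seen at the same
    sequence numbers of the same flow (two senders racing for one response)."""
    streams = defaultdict(dict)  # flow -> {seq number: (byte, ttl of first arrival)}
    findings = []
    for src, sport, dst, dport, seq, ttl, payload in records:
        flow = (src, sport, dst, dport)
        seen = streams[flow]
        conflict = None
        for i, byte in enumerate(payload):
            pos = (seq + i) % 2**32  # TCP sequence numbers wrap at 32 bits
            if pos not in seen:
                seen[pos] = (byte, ttl)
            elif seen[pos][0] != byte and conflict is None:
                conflict = (pos, seen[pos][1])
        if conflict:
            findings.append({
                "flow": flow,
                "seq": conflict[0],  # first sequence number that disagrees
                "first_ttl": conflict[1],
                "second_ttl": ttl,
                # Heuristic (assumption): responders at different hop distances show different TTLs.
                "ttl_differs": conflict[1] != ttl,
            })
    return findings


if __name__ == "__main__":
    for finding in find_conflicting_segments(SAMPLE):
        print(finding)
```

A plain retransmission repeats identical bytes and is not flagged; only overlapping data that disagrees is reported.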

A similar technique was used earlier this year to inject malware into the systems of BICS, a subsidiary of Belgian state-owned telecommunications company Belgacom, which is another major GRX provider.

In the Belgacom scandal, it was at first unclear where the attacks were coming from. Then documents from Snowden’s collection revealed that the surveillance attack probably emanated from the British GCHQ – and that British intelligence had palmed off spyware on several Belgacom employees.

The Global Roaming Exchange (GRX) is a service which allows mobile data providers to exchange roaming traffic of their users with other providers. There are only a few dozen companies providing such services globally.

Now it turns out the GCHQ was also targeting networking, maintenance and security personnel of another two companies, Comfone and Mach, according to new leaks published in the German magazine by Laura Poitras, one of few journalists believed to have access to all documents stolen by Snowden from the NSA.

Through the Quantum Insert method, GCHQ has managed to infiltrate the systems of targeted Mach employees and successfully procured detailed knowledge of the company’s communications infrastructure, business, and personal information of several important figures.

A spokesman for ‘Starhome Mach’, a Mach-successor company, said it would launch “a comprehensive safety inspection with immediate effect.”


LinkedIn headquarters in Mountain View, California. (Justin Sullivan/Getty Images/AFP)


The Organisation of Petroleum Exporting Countries was yet another target of the Quantum Insert attack, according to the report. According to a leaked document, it was in 2010 that GCHQ managed to infiltrate the computers of nine OPEC employees. The spying agency reportedly succeeded in penetrating the operating space of the OPEC Secretary-General and also managed to spy on the Saudi Arabian OPEC governor, the report suggests.

LinkedIn is currently the largest network for creating and maintaining business contacts. According to its own data the company has nearly 260 million registered users in more than 200 countries. When contacted by The Independent, a LinkedIn spokesman said that the company was “never told about this alleged activity” and it would “never approve of it, irrespective of what purpose it was used for.”

According to cryptographer and security expert Bruce Schneier, Quantum Insert attacks are hard for anyone except the NSA to execute, because for that one would need “to have a privileged position on the Internet backbone.”

The latest details of GCHQ’s partnership with the NSA were revealed just last week, after reports emerged that GCHQ was feeding the NSA with internal information intercepted from Google and Yahoo’s private networks.

UK intelligence leaders have recently been questioned by British lawmakers about their agencies’ close ties and cooperation with the NSA.

The head of GCHQ, Sir Ian Lobban, lashed out at the global media for the coverage of Edward Snowden’s leaks, claiming it has made it “far harder” for years to come to search for “needles and fragments of needles” in “an enormous hay field” of the Internet.

However, the intelligence chiefs failed to address public fears that Britain’s intelligence agencies are unaccountable and are operating outside the law.



Categories: Cyber Security, Intelligence Gathering


1 reply

  1. Since he has been in office this time, especially…I stay off LinkedIn.

