NSA and GCHQ spoofed LinkedIn to hack Belgian cryptography professor

hacker cyber attack

Correction (2 February): This story originally and erroneously said Quisquater had fallen victim to a quantum insert attack. This was based on the original report stating that he was targeted using the same technique or a similar one to that used on Belgacom, which also used LinkedIn as a vector. However, that was reportedly a quantum insert attack, and Quisquater’s quotes describe a type of phishing attack. That said, NSA/GCHQ still seem to be involved, as this spun out of the existing investigation.

Belgium’s federal prosecutor is looking into the likely hacking of noted cryptographer Jean-Jacques Quisquater by the NSA and its British counterpart GCHQ, as first reported on Saturday morning by De Standaard.

Quisquater’s targeting became apparent during the investigation into the hacking of telecoms firm Belgacom, shown by Edward Snowden’s leaks to be the work of GCHQ.

jean-jacques quisquaterThe Universit√© catholique de Louvain professor fell victim to an emailed LinkedIn “request” from a non-existent European Patent Office employee. Quisquater, who holds 17 patents and is particularly noted for his work on payment security, told me the attack was “related to a variant” of MiniDuke, an exploit that quietly puts backdoors into the target’s system.

“The Belgian federal police (FCCU) sent me a warning about this attack and did the analysis,” Quisquater told me by email. As for the purpose of the hack: “We don’t know. There are many hypotheses (about 12 or 15) but it is certainly an industrial espionage plus a surveillance of people working about civilian cryptography.”

Whatever the precise motive, on the face of it Quisquater is very much a civilian target — a professor emeritus, not a spy, a terrorist nor a member of government. It would be difficult for any intelligence agency to claim that stealing information from him is a matter of crucial national interest. The aftermath of this revelation will be worth watching.

This article was updated at 9am PT to include Quisquater’s quotes and again at 9.50am PT to include comment.

loading

Comments have been disabled for this post