
NSA used LinkedIn to steal secrets from Belgian cryptographic expert

Belgium's federal prosecutor is looking into accusations that the famous civilian cryptographer Jean-Jacques Quisquater was hacked by the American National Security Agency (NSA) and Britain's Government Communications Headquarters (GCHQ).

The hacking apparently involved the use of a spoof LinkedIn email to snare the target and dupe him into downloading "a variant" of MiniDuke, an exploit that puts backdoors into the target's system without their knowledge.

The attack was first reported on Saturday morning by Flemish daily newspaper De Standaard.

A professor at the Université catholique de Louvain, Quisquater is one of the foremost civilian cryptologists in the world. He holds 17 different patents related to IT security, and is particularly noted for his ground-breaking work on payment security.

While revelations of the spying tactics of the NSA and GCHQ have caused a great deal of consternation among governments like those of Germany and Brazil, and private companies like Google and Facebook, this is the first time it has been suggested that a civilian academic has been the target of a malicious hack by the US spy agencies.

"The Belgian federal police (FCCU) sent me a warning about this attack and did the analysis," Quisquater told the press.

Asked what the purpose of the attack might have been, he replied: "We don't know. There are many hypotheses (about 12 or 15) but it is certainly an industrial espionage plus a surveillance of people working about civilian cryptography."

It seems the US and UK spy agencies were trying to stay one step ahead of civilian cryptographic academics by stealing data from their research.

In a public relations sense, this will be damaging, but in a legal sense this is indefensible: it will be especially hard for either spy agency to justify theft from academics in the name of national security.

UPDATE: Quisquater has said that the reports of the NSA and GCHQ's involvement in the hacks could be premature, and that the techniques used were not those commonly used by the agencies. He speculated that the attacks could have come from Asia.