A Belgian telecom company that handles some of the undersea cables that carry international voice traffic said Monday that its internal network had been compromised sometime in the last few months and malware had planted on some of its systems. Belgacom said the attack only affected its own systems, and not those of customers, and said it has filed a complaint with the Belgian federal authorities about the incident.

The attack reportedly affected a few dozen machines on Belgacom’s network, including some servers, and the company’s CEO said in a press conference that he had no idea how long the malware had been present in the network. There are reports that the intrusion had been active for as long as two years by the time the Belgian company discovered it. Belgacom officials took remediation steps over the weekend to remove the unidentified malware.

“This weekend, Belgacom successfully performed an operation in the light of its continuous action plan to protect the security of its customers and their data and to assure the continuity of its services,” Belgacom said in a statement.

“Previous security checks by Belgacom experts revealed traces of a digital intrusion in the company’s  internal IT system. Belgacom has taken all appropriate actions to protect the integrity of its IT system and to further reinforce the prevention against possible incidents.”

Belgacom is the biggest telecom in Belgium and the country’s government is the majority shareholder in the company. The company provides a variety of voice and data services to carriers around the world, including leased capacity on undersea cables that carry large amounts of international traffic through its BICS (Belgian International Carrier Services) offering.  That traffic would be a likely target for an attacker. Belgacom officials said that they’re not naming the intruder, but have filed a complaint with the Belgian federal prosecutor about the incident.

“For Belgacom, the protection of the customers and their data is a key priority. At this stage there is no indication of any impact on the customers or their data. At no point in time has the delivery of our telecommunication services been compromised,” the company statement said.

“Belgacom strongly condemns the intrusion of which it has become a victim. The company has filed a complaint against an unknown third party and is granting its full support to the investigation that is being performed by the Federal Prosecutor.”

Image from Flickr photos of Greckor

Categories: Critical Infrastructure, Government, Hacks