[Cryptography] Belgian cryptography professor hacked

Tue Nov 25 11:29:13 EST 2014

FYI --

http://www.standaard.be/cnt/dmf20140201_011

ENGLISH SUMMARY – Belgian professor in cryptography hacked

01/02/2014 om 08:00 door Mark Eeckhaut and Nikolas Vanhecke

This is an English summary of an article published in today's edition of Belgian newspaper De Standaard.  The article concerns the hacking of the computer of professor Jean-Jacques Quisquater, a renowned expert in cryptography.  Suspicions arose that the hacking of Professor Quisquater was done by the U.S. National Security Agency or the British GCHQ.  The case is under investigation by Belgian authorities.

A new Belgian episode in the NSA scandal: Belgian professor Jean-Jacques Quisquater, internationally renowned expert in data security was the victim of hacking.  And, as was the case in the Belgacom hacking affair, there are indications the American secret service NSA and its British counterpart, the GCHQ might be involved.

There isn't a card with an electronic chip available, or it has some sort of security technology that UCL professor Jean-Jacques Quisquater (67) was involved in developing.  If you are able to withdraw money from a cashpoint safely, for example, that is to some extent due to Quisquater's work on complicated mathematical algorithms.  He was also involved in the development of the Proton payment system in Belgium.  That very same Jean-Jacques Quisquater has now been the victim of a hacking attack, that has all the signs – as was the case in the Belgacom affair - of 'state-sponsored espionage', De Standaard has discovered.

The authorities investigating the Belgacom hacking case confirm they have opened a case.  Quisquater himself has lodged a formal complaint.

Earlier this week, whistle blower Edward Snowden gave an interview to German television channel ARD in which he claimed the NSA's espionage activities are not only aimed at protecting US national security – in the so-called 'war on terror' – but also at companies and private individuals.  The Quisquater case seems to indicate the Belgian justice department might be able to demonstrate Snowden's claims are more than a mere figment of his imagination.  As far as we are able to tell, this is the first instance in which a private person is seen as a victim in the NSA case.

According to our sources, the Quisquater hacking was discovered during an investigation into the Belgacom hacking case.  Also according to our sources, that malware or techniques similar to those used in the Belgacom hacking were used to hack into Quisquater's computer.

It is not a big surprise the Belgian mathematician might have been targeted by the NSA: Jean-Jacques Quisquater is a a well-respected professor in cryptography at the Université Catholique de Louvain (UCL) in Louvain-la-Neuve.  He has no involvement in the 'war on terror' the US are waging, but there are many other reasons he is an interesting target.  Quisquater is world-wide renowned because of his work in cryptography.  Cryptographers enable systems, thanks to complicated sets of algorithms, to exchanges data in a secure way over, for example, the internet.

Quisquater has earned his reputation: he has 17 patents in his name, he headed the 'Crypto group' at the UCL and was awarded the RSA Conference Award for Excellence in the Field of Mathematics.

His computer was infected after clicking a (bogus) LinkedIn invitation of a non-existent employee of the European patent office.  That allowed the intruders to follow all of the professor's digital movements, including his work for international conferences on security.  Quisquater also had contact with NXP, a company based in Leuven and specialized in electronic equipment where security is an important issue, such as mobile phones.

Interesting fact: German chancellor Angela Merkel, also hacked by the NSA, has three mobile phones.  Only one of them is protected.  According to our sources the protected  mobile was protected by NXP technology and was not hacked by the NSA.

Needless to say, a secret service that can monitor Quisquater's computer, has a unique access point to the tightly-knit world of cryptography, that is crucial for the protection of any form of digital communication.