Tuesday, 6 August 2013

NSA Cyber Experts Helped Belgian military intelligence GISS Defence Cyber Incidents

Interview with General Eddy Testelmans, head military intelligence GISS.
American cyber experts have linked the Belgian military intelligence GISS helped early 2013 in a serious cyber incident. To the NSA This confirms Testelmans General Eddy, head of GISS, in an exclusive interview with MO *. Testelmans light a corner of the veil on the self-capacitance of defense to intercept. Abroad communication
According to Defence Minister Pieter De Crem hackers regularly focus their sights on the information systems of the Belgian army. It is up to the military intelligence to investigate and respond to cyber attacks. MO * learned on good authority that the GISS around the turn itself was the target of a major cyber incident.
Is it true that the GISS network had to be shut down even a few weeks and that the National Security Agency (NSA) is to intervene? What exactly happened?
Testelmans : Internally, the GISS a highly secure electronic network to exchange classified documents. In addition there is a second network to communicate non-classified information between employees and to communicate. With the outside world, That QET.be network (qet GISS refers to the motto " Quaero et tego "I study and protect, kc ) is linked to the Internet.
Average every two years we do a major maintenance of the latter network: software remove or update; increase storage capacity, home, garden and kitchen viruses remove ... Because it anyway is calmer in the Christmas period, we are then with the scheduled maintenance started.
During our maintenance technicians came across a software that we did not install yourself. It was a virus of some complexity. We are self started to decipher and analyze, to know what it would cause. However, it was so complex that we do not quite uitraakten with our own capacity. Then we have requested support for the Cyber ​​Command of the U.S. Army, that just as the NSA is headed by General Keith Alexander.
The bilateral relations between Belgium and the U.S. are very good, the Americans have therefore to think. Ask for help on our long After a few days, a team of American specialists came through here to assist. Us with advice and assistance They help analyze the virus and gave tips to us better in the future against such malware protection.
What did the virus exactly? Has done much damage to the GISS?
Testelmans: I can not say anything about. Also about the origin I can lose anything.
Was it an individual hacker, a specialized company or the secret service of a foreign power?
Testelmans: Given the complexity of the virus, we assume that a professional organization behind Sat.
Are you sure the Americans have installed to access your systems? Itself no access loophole during the work
Testelmans: Yes. Before the work started, we have made ​​clear agreements about who would get to the network. Our experts were still present. It happened very correct.
The Belgian Army Cyber ​​Command and the NSA need?
Testelmans: specic In this case, we are glad that we could do on a larger brother called.
Why did you U.S. intelligence to help and not, say, a European partner, the German Federal Office for Information Security Technology (BSI) for example?
Testelmans: We work within the NATO context. And we chose to knock at the global cyber specialists. And these are simply the Cyber ​​Command and the NSA. Moreover, we have a very good relationship with them, open and professional, in both directions. This fact proves that in the domain of cybersecurity multinational collaboration of immense importance.
Visit to the NSA
Minister De Crem said about that on 9 July in the House that the GISS 'under very specific cases also exchange information with the NSA, on issues that pose a threat to the Belgian State or citizens. "
Testelmans: The information that the NSA picks it up, through various channels to Belgium through: the CIA, the FBI and the Defense Intelligence Agency (DIA). When it comes to operations abroad which we participate, it happens that information exchange in the theater with the DIA. Wanner it comes to Belgian territory, it's usually through the CIA working with information from the NSA. In the fight against extremism and terrorism, it is clear that the information the NSA is more relevant to the State Security than for us, except for military operations abroad Afghanistan for example.
Have you ever direct contact with the NSA?
Testelmans: It is. In the domain SIGINT (SIGINT stands for signals intelligence , ck ) come several times a year experts together to talk about technology and to exchange information. That's really high tech . We also have contacts in the field of cyber security, with their Central Security Service, which is responsible for the security of networks and information.
A few weeks ago I have been down in Fort Meade, the headquarters of the Cyber ​​Command and the NSA in Maryland near Washington itself. They are huge buildings, with capacities that we only dream of. The Cyber ​​Command employs about six thousand people.
What are you going to do there?
Testelmans: I wanted to know how the United States organized at national level in the field of cyber security. How do they do that? The Defense protects itself? How do they protect national critical infrastructures? How is the economic and scientific potential secured? Since we are also thinking about it. And instead of the hot water to find out you can learn more from others. It is always good to see the ultimate and then you can try to translate to your own level. I have indeed been in that context in the Netherlands and Switzerland and we have also studied the German example.
"NSA has three attacks occur in Belgium '
Do you also meet in Fort Meade General Keith Alexander, the big boss of the NSA?
Testelmans: In Fort Meade, I met the Deputy of General Alexander. General Alexander himself I met later in another forum.
Have you talked about Prism, the secret spy programs that Edward Snowden has unveiled?
Testelmans: Only informally. The deputy told that General Alexander in due time his colleagues would inform Prism what is and is not, to overcome. Necessary misunderstandings That has now happened. We have for example the speaking notes received from the hearing with General Alexander in mid-June in the U.S. Congress. We also receive regular progress-they are relatively open about it. In his speech to parliament Alexander explained how many terrorist attacks the NSA has been able to defeat. Not only in the U.S. but also in partner countries such as Belgium.
And is that information? Has the NSA indeed help prevent attacks here
Testelmans: Yes. In three cases, there is indeed a possible terrorist act foiled based on information which we may assume that it comes directly from the PRISM system, and that is our concern. Classified through channels If the NSA had not played that info we had not known. In this connection, to reflect on whether it is sufficiently armed for the fight against terrorism, against serious cross-border crime and the proliferation of weapons of mass destruction.
In one of "It's not because the Belgian army is not present in Syria, that we can be in what is happening in Syria. uninterested" that three cases involved the infamous New Year alarm 2007. And the other two?
Testelmans: The details I can not give. But I can say that Belgium is likely remained. Heavy incidents contraceptives
Have you-like-Germany itself also access Prism?
Testelmans: Yes. So how it works: donnant-donnant . If we have important information about things that could harm U.S. interests and vital may be, we share that out.
Belgium also intercepted communications abroad
The GISS does also SIGINT itself: you yourself also intercept communications. Who are the targets?
Testelmans: We only intercept communications abroad and from abroad. We do this in support of our military operations abroad. You should know that our SIGINT operations are controlled by the very rigid Committee I. They meet regularly-unannounced-look at what we do we onderscheppen.Bovendien just what our a priori allowed to do. By the Minister of Defence
Once a year the Minister approves a list well with SIGINT targets: countries, organizations, individuals and political movements that are important in support of military operations and our national interests. The list is directly related to the information control plan that we have to submit annually to the Minister for approval and which is also transmitted to the Committee. I The system is very flexible: if Syria suddenly pops up, then there is a rapid procedure to adjust the Chief of Defense and the Secretary of Defense the list. That goes very smoothly.
What do you mean with "support our national interests?
Testelmans: Our SIGINT capabilities we can also State Security, the Federal Prosecutor or the Federal Police support-each welt understood abroad. It is not because the Belgian army is not present in Syria, we can not be what is happening in Syria interested.
How does it work? How do you intercept the communication?
Testelmans: Specific SIGINT interception means are used to intercept that affect our goals. That intercepted data is processed and passed on to various services such as our forces abroad, our partner but also the Federal Prosecutor's Office and the State Security. Everyone will understand that the technology used, the precise localization should continue to avoid the goals that we follow would be suspicious. Secret abroad and our working methods
The GISS has about 650 employees. How many of them are working with SIGINT?
Testelmans: Given the sensitivity of this data you will understand that ikdaar also can not say anything about it.
Since the adoption of the BIM-law in 2010 you may, like the State Security, apply so-called special intelligence methods, such as phone tapping and email interception. Wherein lies the difference with the SIGINT missions that the GISS years already performed?
Testelmans: The BIM-law applies to the national territory, our SIGINT activities are focused on overseas.
How does the GISS with the EU Satellite Centre in Torrejon near Madrid?
Testelmans: That is another story, as they relate to imagery , imaging satellites that take pictures. Google Earth, but more sophisticated. We are part of the Helios consortium, led by France, and where Germany, Greece, Spain and Italy are part of. Since Belgium has invested in it, we are entitled to a certain guaranteed capacity.
And the GISS ask satellite photos of ...
Testelmans: ... for example, Goma, Lubumbashi, the situation in Tripoli, certain port facilities ...
Lack of cybersecurity
The Council of Ministers approved the beginning of July the purchase of a Modern Computer System (MIS) accounted for 4 million euros. For some new material that will serve?
Testelmans: It will allow us to make in the field of storing, processing, analyzing and processing of information and a great leap forward. It makes little sense for a service like ours to have huge collection performance-funding should there be then analyzing the information service can not handle. This info-flux is exponentially greater, you need IT resources that they bring about. Otherwise get our analysts have not ordered more information.
How is within the GISS responded to the Snowden-leaks?
Testelmans: With a degree of disbelief: how can such a large and efficient organization with many resources and controls to have such a leak? It will just happen. The conclusion is: it does not matter how much money you invest in the physical security of your systems, data logging, recording ... the individual is and remains the essential link in the domain of security. The insider threat you will never be able to stop, although you have to adjust your system. The fact is that despite its low grade Edward Snowden had access to a vast amount of information. Same story at Bradley Manning (U.S. soldier data leaked to Wikileaks, kc ).
And what was the reaction to the content of the Snowden-leak, the fact that the NSA runs a gigantic worldwide surveillance network?
Testelmans: If you read the speech of General Alexander to the U.S. Congress, then you understand that the NSA probably could. But they do it? As in Belgium, there is also a strong parliamentary control over what do the security services in the United States. Despite the fact that the NSA is great, I think no one is able to listen in to the world and to intercept all text messages and emails and analyze. The capacity for this may already exist, then you must also handle all the data. For this you need people and just that capacity is limited. The NSA is in their own words constantly working on several hundred cases.
In a study of the Belgian Intelligence Studies Centre in November 2011 Pascal Petry, security adviser to Prime Minister Di Rupo, announced the creation of a coordination around cybersecurity. That would be established in 2013. How's that?
Testelmans: In December 2012, without the operational part of the government's national cybersecurity strategy, however-approved. Question is who will control the system and pay? The Prime Minister, the Board for Information and Safety instructions to from strategy to determine which are Belgium cybersecurity should set up the structure. That college is thinking about who should take the lead. Defence was asked to take it on themselves but I think the example BELNIS platform (Belgian Network on Information Security, kc ) better placed to Belgium to take the lead. itself
Also consulting company X can be taken under the arm. The key question is: who will pay for what? After all, there's a hefty price tag attached to it. Self defense is now working on the development and implementation of the cyber security strategy for Defence.

No comments:

Post a Comment