US spies alerted EU on Van Rompuy hack
Being spied on by US intelligence can have its perks: When the emails of top EU officials were hacked two years ago, it was the Americans who revealed the infiltration.
Back in 2011, two groups, dubbed "Comment" and "Byzantine Candor," tapped into the emails of EU Council chief Herman Van Rompuy, EU counter-terrorism supremo Gilles de Kerchove and several other officials dealing with trade and development.
Dear EUobserver reader
Subscribe now for unrestricted access to EUobserver.
Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.
- Unlimited access on desktop and mobile
- All premium articles, analysis, commentary and investigations
- EUobserver archives
EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.
♡ We value your support.
If you already have an account click here to login.
The groups are believed to have been steered by the Chinese government.
The attack - which caused a scandal - was at the time described by EU spokesmen as showing "a high degree of sophistication" and to have relied on "techniques used by government agencies."
But EUobserver has learnt that without a tip-off by US intelligence, the EU's security services would never have known about the breach.
The news comes amid European angst over US snooping on EU citizens and governments.
Fugitive US whistleblower Edward Snowden, a former CIA contractor, last month leaked data about Prism - a massive Internet surveillance programme on EU citizens' Internet activities.
He also revealed that US intelligence bugged EU offices in Brussels, New York and Washington, and - in an echo of Comment and Byzantine Candor - infiltrated their computer systems.
The US embassy in Brussels declined to comment.
But Robert Baer, a former CIA officer turned security analyst, told this website that even if the EU now sweeps its buildings for bugs, they are unlikely to catch the Americans red-handed.
"If bugs were detected during a sweep, they would not indicate US fabrication. The CIA labels its bugs as Chinese or Russian. The only US-labelled bugs are made by the Mossad [an Israeli intelligence service]," he said.
The US, in its defence, says its snooping operations thwarted terrorist attacks in Europe.
The German interior minister, Hans-Peter Friedrich, told media that his US counterparts informed him they stopped 45 attacks worldwide, five of them in Germany, using Prism.
He declined to give specifics.
He later said it might be the case that two known groups were planning multiple attacks.
Baer considers the claims "exaggerated."
He said the EU should demand detailed evidence to back up Washington's boast.
"I've never seen evidence of a case initiated just based on algorithms run through Skype or emails. It is always [standard practice] that they [first] have a suspect and then they run that name through all the databases they have," he noted.
Baer spoke of a "huge industry" of software, Cloud servers, and algorithms, which is ballooning in the US in order to service the government's mass-surveillance operations in the name of the war on terror.
"It scares me because someone is going to misuse it. The temptation will be simply too big not to use it against political rivals, for instance. I already heard accusations that they have used Prism against Airbus," he said, in reference to a long-standing trade dispute between US aircraft company Boeing and its French rival, Airbus.
For his part, Estonian President Toomas Ilves, a US-educated politician, recently told Postimes, an Estonian newspaper, that EU indignation over US spying is hypocritical.
"I believe that in the field of economic espionage, for instance, many states spy on their 'friends.' They do not consider it hostile activity, rather competition," he said.
"If we were all lily-white virgins over here, the just indignation might be somewhat understandable. But it is very difficult to understand it, knowing that some large European states have acted in like manner," he added.
Ilves said the only way Europeans can avoid being snooped on by the US is to build their own remote servers, or Clouds.
"It is possible for us to start building a European Cloud, under European law. In many European countries, data protection is stronger than in the [United] States, meaning that if we use a European Cloud, the NSA would not get the data," he explained, referring to the US' National Security Agency.
He depicted the EU as America's "Little Sister," which shares information on the US with its other allies.
"Actually, it is not the problem of Big Brother, rather that of Little Sister. If you have a little sister, then she will know all you do and she will be happy to let others know," Ilves said.