Hackers stole Van Rompuy's emails
-
Van Rompuy: among 11 senior EU officials stung by the operation (Photo: consilium.europa.eu)
Hackers last summer raided the emails of EU Council chief Herman Van Rompuy and 10 other senior officials.
The breach was exposed last week by a team of US academics and cyber security firms which has been tracking a hackers group known by two names - Comment and Byzantine Candor.
Join EUobserver today
Become an expert on Europe
Get instant access to all articles — and 20 years of archives. 14-day free trial.
Choose your plan
... or subscribe as a group
Don't miss out on
Our exclusive news stories and investigations. Influential. Investigative. Independent.
Why join?
Watch our founder Lisbeth Kirk explain the reasons in this 30-second video.
Already a member?
The US investigators, who asked to remain anonymous, showed computer logs detailing the hackers' behaviour to the Bloomberg news agency.
According to the logs, the group accessed the EU Council's computer network at around 9am Brussels time on four occasions - 8 July, 11 July, 13 July and 18 July last year.
It hacked 17 email accounts, grabbing around seven days' of correspondence and any attached files from each account.
Apart from Van Rompuy himself, the group stole information from three former and one current Van Rompuy cabinet staff - Sem Fabrizi, Jose Leandro, Zoltan Martinusz and Odile Renaud-Basso.
It also scalped Giles de Kerchove (the EU's counter-terrorism tsar), Leonardo Schiavio (a senior EU foreign policy official) and four officials dealing with trade and development - Boguslaw Majewski, Massimo Parnisari, Alda Silveira Reis and Jan Van Elst.
The EU was at the time involved in sensitive talks on the second Greek bailout.
Speculation among the US investigators is that the hackers are linked to the Chinese government. But China has repeatedly denied that it conducts any cyber espionage.
"The confirmation on the specific victims comes from the computer logs gathered by the researchers, which show the hackers' activities in the EU Council networks via monitoring of the hackers' own command and control system, including the specific users whose accounts were accessed. We were provided with the logs and interviewed some of the researchers," Bloomberg's Michael Riley told EUobserver.
An EU official said the EU Council does not comment on individual cases.
He noted that highly sensitive or classified information could not be so easily compromised because it is stored on a separate computer network which is not connected to the Internet.
"Hackers frequently target the EU institutions ... many of these attacks show a high degree of sophistication. Some are based on techniques used by government agencies," he added.
The Comment/Byzantine Candor group also targeted US oil firm Halliburton, a Canadian magistrate involved in a Chinese extradition case and the International Republican Institute in the US among 20 or so victims.
Site Section
Related stories
- Cyber criminals steal millions from EU banks
- Hackers dump EU staff passwords and credit card details onto net
- China is 'world's largest hacking victim,' ambassador says
- Unknown hackers stealing EU files for past five years
- US spies alerted EU on Van Rompuy hack
- Hack the EU: IT security cuts cause concern
