Operation Socialist

Operation Socialist is the code name given by the British signals and communications agency Government Communications Headquarters (GCHQ) to an operation in which GCHQ successfully breached the infrastructure of the Belgian telecommunications company Belgacom between 2010 and 2013. The operation's existence was first revealed in documents leaked by the former National Security Agency contractor Edward Snowden.

Objectives and methods
GCHQ used a method called Quantum Insert attack embedded in fake LinkedIn pages targeting Belgacom engineers. The breach was conducted under the code name 'OP Socialist'. The main target of the clandestine infiltration was to gain access to Belgacom's GRX Operator to enable GCHQ to obtain roaming data for mobile devices and execute what is generally referred to as Man-in-the-middle attack against targets.

When the first anomalies were detected in 2012, Belgacom's security team were unable to identify their cause. Only in 2013 malware disguised as legitimate Microsoft software had been identified as the source of problems.

According to the leaked documents GCHQ probed Belgacom's infrastructure for years. According to the leaked documents 'Operation Socialist' has been qualified by the head of the GCHQ's Network Analysis Centre as a success.

Reaction
Snowden subsequently described Operation Socialist as the "first documented example to show one EU member state mounting a cyber attack on another".