GCHQ has had remote access to the systems of Belgian telecommunications provider Belgacom since 2010, documents leaked by NSA whistleblower Edward Snowden suggest.
Last week, Belgacom revealed that it had detected evidence of remote access to its systems since at least 2011. Belgian prime minister Elio di Rupo said the evidence suggested "a high-level involvement by another country".
Today, German newspaper Der Spiegel reported that one of documents leaked by Snowden suggests that GCHQ is in fact the perpetrator.
A slide of PowerPoint presentation refers to a 'computer network exploitation' (CNE) exercise, called Operation Socialist, targeting part of Belgacom's mobile telecommunications infrastructure.
The slide says that the purpose of the attack is to allow GCHQ to undertake "[man in the middle] operations against targets roaming using smart phones".
Mikko Hyponnen, security researcher at F-Secure, told Information Age via Twitter that this would allow the perpertrator to intercept all a target device's traffic "including iMessage, web browsing, app traffic etc.
There is no date on that particular slide, but another document suggests the CNE has been in place since 2010, Der Spiegel reports.
GCHQ told Information Age that it is "longstanding practice that we do not comment on media stories about leaks or on intelligence matters.
"All GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that its activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Intelligence and Security Committee", a spokesperson said.