Brussels is a true spy capital

Brussels is a hotspot for intelligence activities. Potential espionage targets are abound. Belgium's capital city not only hosts the NATO headquarters and the European institutions –Council, Commission and Parliament. Also multinationals, the International Trade Union Confederation, the World Customs Organisation and the European Economic Area are headquartered in Brussels.

Next to that come Eurocontrol, SWIFT, the European Aviation Safety Agency, the Western European Union and up to 2500 international agencies, 2000 international companies and 150 international law firms.

Also radical networks, secessionist movements, high technological research centers and migrant communities –Turkish, Moroccan, Congolese, Rwandese– are among the potential targets of foreign espionage.

Together with New York and Geneva, Brussels is among the cities with the highest density of information worldwide. Moreover in Brussels there's an abundance of classical espionage covers available –journalism, lobby work and diplomacy.

Between 1500 and 2000 foreign journalists cover European summits. Approximately 15.000-20.000 lobbyists work in the European capital. And with 288 diplomatic missions, 5.000 accredited diplomats and 60.000 people with a diplomatic or related statute, Brussels is the diplomatic capital numero uno.

The Belgian intelligence services, responsible for counter espionage, are not quite overstaffed. The military secret service SGRS has a staff of about 620 employees; its civil counterpart State Security (Sûreté) has between 650 and 700 employees. Until recently these services were not even allowed to intercept emails or tap phones. That situatéion has changed since the Law on Special Intelligence Methods came into force in September 2010.

Chronology of recent espionage cases in Brussels


In March 2015 MO*magazine reveals that the Belgian Federal prosecutor's office has launched an inquiry into two Russian intelligence officers that have clandestinely acquired the Belgian nationality with the help of Belgian diplomats. The Russian spy couple got married in Belgium before moving to Italy, where it has supposedly carried out its intelligence activities. The pre-inquiry by the Belgian Federal prosecutor's office into forgery, the use of false passports and corruption was launched in 2012 after a tip from the Belgian State Security.

In April 2015 the New York Times reports that all NATO partner nations have to limit the size of their delegations in Brussels to maximum 30 members. Citing 'Western officials', the move supposedly follows a confidential assessment by the alliance's Civilian Intelligence Committee that intelligence agents have been part of Russia's delegation. At least three senior officials from sensitive European departments have in recent years been called back from Brussels by their country of origin, on suspicion of having had contacts with Russian intelligence, MO*magazine reveals reveals, citing 'several knowledgeable sources in the world of security and intelligence'. In another article the magazine states that the number of Russian diplomats in Belgium had risen from 84 in 2011 to 171 in 2014.

According to the Süddeutsche Zeitung the German intelligence service Bundesnachrichtendienst (BND) has listened in on officials from the EU Commission in Brussels. Phone tapping was supposedly done from the BND's Bad Aibling spying station in the south of Germany. The newspaper claims the information subsequently was transmitted to the American NSA. The Belgian State Security and the Federal Prosecutor's Office launch an investigation into espionage by the German Bundesnachrichtendienst (BND) after the Austrian MP Peter Pilz reveals that as from 2005 the BND had access to 15 telecom connections with end point in Belgium. This allegedly was the result of a cooperation between the BND and the American NSA.


Belgian daily De Standaard reports that according to Privacy International a Belgian IP address, possibly of a Bahrain activist, was spied on with FinFisher technology. The Canadian journalist Judi Rever, investigating murders supposedly ordered by the Rwandese authorities, receives protection from the Belgian State Security while visiting Belgium in the Summer of 2014. In the Belgian daily Het Belang Van Limburg Rever explains she was in Belgium to interview Rwandese dissidents. 'An officer of the State Security informed me that the Belgian government had reliable information that the Rwandese embassy in Brussels could pose a threat for me.'

In March 2014 a 10-minute telephone conversation between EU foreign affairs chief Catherine Ashton and Estonian foreign minister Urmas Paet is posted on YouTube. In the leaked phone call, the two politicians discuss the question who was responsible for killing civilians at the end of February, during the Maidan square protests in the Ukrainian capital Kiev. The audio recording has been intercepted in Brussels – not in Tallinn – but it is not clear who is behind the operation. Remarkably, the Belgian prosecutor's office does not open an investigation into the leak as no official complaint is filed. Frans Potuyt, head of the security office of the European External Action Service, assures that his office is doing 'all the necessary to protect the security interests of the EEAS' but declines any further comment on the case.

In a March 2014 press release Guy Verhofstadt, former Belgian prime minister and president of the ALDE group in the European Parliament, claims his meeting with Russian opposition leader Alexey Navalny has been bugged. Verhofstadt and Navalny had met in a Moscow hotel in May 2013 to discuss corruption and money laundering cases in Russia and their links to the European Union. Later footage of the closed meeting was broadcasted on the Russian tv channel NTV.

'Moscow hacks Belgian state', Belgian daily De Tijd headlines in May 2014. 'After a warning from the intelligence services we have concluded that our systems have been infected during the Ukraine crisis', a spokesperson of the Belgian ministry of Foreign Affairs confirms. 'According to the first information available it turns out that certain files on Ukraine have been copied.' According to 'well placed sources' cited by daily De Standaard, it was the CIA that had tipped off the Belgian military secret service about infection of Foreign Affairs by the Snake virus ('Ouroboros').

As a counter measure the entire computer network of Foreign Affairs is shut down temporarily. As a result local municipalities can no longer deliver passports and thousands of Belgian diplomats and officials abroad cannot access the internet anymore. The digital quarantine lasts 3 months – only as from August 2014 the computer network of Foreign Affairs is fully operational again. The Belgian Federal Prosecutor's Office has launched a judicial inquiry into the hacking case. It is also investigating the hacking of of the Belgian Federal Public Service of Economy, that according to daily De Tijd was discovered at the beginning of 2014.

In May 2014 the Hungarian daily Magyar Nemzet writes that the Hungarian Member of European Parliament Béla Kovács is accused of spying for Russia: the Prosecutor's Office in Hungary has requested the European Parliament to waiver the immunity of Kovács amid allegations he spied on EU institutions. The MEP supposedly was meeting with Russian dipomats in a 'conspiratorial manner'. In a press conference in Budapest Kovács denies the accusations: 'I was never a member of either Hungarian or any other foreign intelligence service. I have never worked with them and they have never approached me.'

According to Le Nouvel Observateur a colonel has been dismissed from his functions within the French representation at NATO, Brussels, for not having respected basic security rules.


The Belgian military secret service ADIV discovers a highly complex virus on its own network that it uses to exchange non-classified information between employees and to communicate with the outside world. Because its own cyber security experts don't manage to analyse the complex malware, the ADIV turns to the US Cyber Command for help. According to general Eddy Testelmans, head of the ADIV, the Americans don't abuse the situation. Testelmans: 'Our own specialists were present at all times. There have not been any irregularities.'  

The Russian IT security company Kaspersky Lab identifies MiniDuke, a malicious program designed for spying on multiple government entities and institutions across the world. According to Kaspersky Lab, a number of high profile targets have been compromised by the MiniDuke attacks, including government entities in Belgium.

The American information security company Mandiant publishes the report APT1: Exposing One of China's Cyber Espionage Units. According to Mandiant, APT1 had conducted a cyber espionage campaign against a broad range of victims since at least 2006. 'APT1 has systematically stolen hundreds of terabytes of data from at least 141 organizations, and has demonstrated the capability and intent to steal from dozens of organizations simultaneous', Mandiant wrote. One confirmed APT1 server and one victim were located in Belgium.

Also Belgium's telecom company Belgacom, the Belgian ministry of Foreign Affairs and the Prime Minister's Cabinet become victim of well directed cyber attacks. Criminal investigations are ongoing. According to the German weekly Der Spiegel, the British GCHQ is behind the espionage against Belgacom. The claim is based on documents leaked by NSA whistle blower Edward Snowden.   

During the investigation into the Belgacom cyber espionage case by the Belgian Federal Prosecutor's office – with the help of Belgian police, secret services and the Dutch company FOX-IT – it is discovered that also the laptop of professor Jean-Jacques Quisquater has been hacked. The computer of Quisquater, a renowned expert in cryptography at the UniversitÉ Catholique de Louvain (UCL), had been infected after clicking on a bogus LinkedIn invitation by a (non existing) employee of the European patent office, as Belgian daily De Standaard revealed. The modus operandi point at state sponsored espionage.

In Iran Hamid Babaei is sentenced to six years in jail for 'acting against the national security by communicating with hostile governments'. According to Amnesty International, Babaei – a doctoral student in finance and law at the University of Liege (Belgium) – was on holidays in his homeland Iran when he approached by Iranian intelligence. 'They asked him to spy on fellow Iranian students in Belgium. Hamid refused', Amnesty writes in a press release, claiming the refusal is the real reason for the jail sentence.


According to Ian J. West of the NATO Communications and Information Agency, NATO is experiencing a growing intensity and frequency of cyber incidents. West: 'Threats range from low-level hacking attempts to more serious attempts of denial of service or cyber espionage. Our cyber response centre is at the core of NATO's cyber defence effort. In 2012, it responded to more than 2500 cases, or about seven per day.  Most of these online incidents were dealt with automatically, using sensors, scanners and boundary protection devices. The real challenge is from high-end targeted attacks, which for NATO can number ten or more a month. It is mainly these high-level threats that NATO's cyber defence experts deal with.  Also, it is possible (or even probable) that there are or have been undetected intrusions. It is always a constant challenge in cyber defence to know the unknown.'

The Belgian ministry of Foreign Affairs calls back a Belgian diplomat from his post in Copenhagen on the suspicion of espionage. Consul O.G. from Bruges, who during 25 years had been in contact with the Russian secret services KGB and SVR, was suspended 'in the interest of the service'. The Federal prosecutor's office launches a judicial inquiry.

Kaspersky Lab initiates an investigation following a series of attacks against computer networks targeting international diplomatic service agencies. It reveals Operation Red October, a sustained cyber espionage campaign dating back as far as 2007. According to Kaspersky Lab, the main objective of the attackers was 'to gather sensitive documents from the compromised organizations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment.' Among others, the spy operation focused on 'different cryptographic systems, such as Acid Cryptofiler, which is known to be used in organizations of NATO, the European Union, European Parliament and European Commission since the summer of 2011 to protect sensitive information.'

During a colloquium on economic espionage in Brussels Dany Van de Ven, director of the Belgian Security and Defense Industry, reveals that two Belgian defense companies have been the target of espionage. Information related to new technologies had been stolen from their computers. At the colloquium the State Security announced a brochure to sensitize Belgian companies for the risks of espionage.

The State Security scrutinises the strategic position of the Chinese telecom giant Huawei on the Belgian market. Huawei provides the Belgian telecom operators Belgacom and Mobistar with hardware for their 4G network. Alain Winants, head of the State Security: 'Bearing in mind the sensitive sector in which Huawei is active, the company obviously is a point of interest for my agency.' According to Dominique Vanhamme (VP European Channel Sales, Huawei) there is no reason to be worried: 'Huawei is trusted by the majority of the telecom operators in the world.'

Foreign minister Didier Reynders orders an investigation into the allegation that Syrian intelligence is terrorising Syrian expats in Brussels critical of Bassar al-Assad. 'The Syrian authorities do show an interest in the Syrian diaspora in Belgium', Justice minister Annemie Turtelboom told members of Parliament.


According to US investigators cited by Bloomberg news agency, in the Summer of 2011 hackers raided the emails of Herman Van Rompuy, chief of the European Council, and Gilles de Kerchove, the EU's counter-terrorism tsar. The hackers –supposedly Chinese, although Beijing denies any involvement– also stole information from four employees of Van Rompuy's cabinet.

At the eve of the EU Spring Summit 2011 the European Commission announced it had been the victim of a severe cyber attack. 'The attack was very focused', spokesperson Antony Gravili commented. 'People with bad intentions were after data of certain officials of the Commission.' As a counter measure, the full staff of the Commission and the EU's External Action Service was refrained from access to work email at home and had to change its passwords. The Security Directorate of the Commission launched an Action Plan against Cyber Attacks and set up a Response Team to detect and analyse malware.

In 2011 the State Security applied Special Intelligence Methods in 193 inquiries into espionage, the military secret service SGRS in 54 inquiries. The data are cited in the Activities report 2011 of the Belgian Standing Intelligence Agencies Review Committee. At least seven cases were related to foreign journalists suspected of intelligence activities.


In its Annual report 2010 the State Security warns for foreign espionage and interference by countries such as Pakistan, Russia, Serbia, Colombia and China. It claims there are close links between the Kashmir Centre EU and the Pakistan authorities, including the Pakistani secret services: 'Vigilance is necessary to avoid interference.'  

Russian intelligence activities in Belgium, according to the State Security, were focused at the Atlantic defense policy, European politics and economic policy, and at the Russian speaking community in Belgium. Also Serbian lobby groups drew the attention of the State Security as 'some of their members are possibly linked to Serbian intelligence'. 

The State Security launched an inquiry into the activities of the Colombian intelligence agency Departamento Administrativo de Seguridad (DAS) and its activities directed against 'institutions and NGOs on Belgian soil'. The State Security refers to allegations that the DAS had spied on the European Parliament and members of the Belgian NGOs Broederlijk Delen and Oxfam Solidariteit. The scandal on 'Operation Europe' broke after an inquiry by the Colombian Attorney General's office.


Canadian researchers publish Tracking Ghostnet, a report on a Chinese cyber espionage network affecting over thousand computers worldwide. They discovered that the email traffic of the Dalai Lama office in Belgium had been intercepted. Tashi Wangdi, representative of the Dalai Lama in Europe, commented in the Belgian daily De Morgen that he was not surprised: 'This only confirms what we had already suspected.'

Also the Brussels embassies of India and Malta figured on the list of targets in the Canadian report. That same Maltese embassy –strategically located next to the Berlaymont building of the European Commission– in 2007 had raised eyebrows within the security world, when it turned out that China had provided it with furniture and office equipment for the value of 200.000 euro. The Maltese secret service later sweeped the building but couldn't find any espionage equipment.

'Without being aware of it, I have been spied on by a non European country during several months', Javier Solana reveals in the Spanish daily El Pais. Solana was the EU's High Representative for Common Foreign and Security Policy. 'Bearing in mind his function, it is normal that Mr Solana attracts the attention of secret services of non European countries', Alexandro Legein commented, head of the Security Office of the European Council. 'The electronic attack of Solana's communication could be traced back to servers in South East Asia.' According to Legein, Solana is a permanent target of electronic intrusion attempts by third parties. 

A confidential memorandum by Stephen Hutchins, the EU Commission's director of security, leaks out in the Frankfurter Allgemeine Zeitung. Hutchins warns that 'the threat of espionage is increasing day by day. A number of countries, information seekers, lobbyists, journalists, private agencies and other third parties are continuing to seek sensitive and classified information.' Under the promising headline European officials warned of 'interns trading sex for secrets', the Telegraph cites spokeswoman Valerie Rampi: 'Like any large scale organisation which deals with sensitive or confidential information, there are always people who endeavour to gain access to this information. It could be the pretty trainee with the long legs and the blonde hair.'

The NATO headquarters in Brussels withdraws the accreditation of two Russian diplomats accused of espionage: Viktor Kochukov, heading the political department of the Permanent Mission of Russia to Nato, and Vasily Chizhov, the son of Russia's ambassador to the European Union. As a result of the headquarters agreement between NATO and Belgium the two Russian diplomats are instructed to be withdrawn from Belgium.

According to Alain Winants, head of the Belgian State Security, the activity of the Russian intelligence services in Belgium has risen exponentially. Winants: 'It displays a certain aggressivity and self-consciousness. Quite a lot of agents of Russian services are active. The level of presence and the nature of the activities is actually almost –if not exactly– the same as during the Cold War.' Alexandro Legein, head of the Security Office of the European Council, confirms that analysis: 'Also we have noticed a heightened interest of the Russian intelligence services, especially for EU activities in the field of crisis management (both military and civil), non proliferation and energy.'

In its Annual report 2009 the State Security focuses on Congolese intelligence activities in Brussels. The arrival of Congolese ambassador Henri Mova in Belgium is 'marked by an increased intention to control and follow the Congolese community, in particular through the secret services.' In an interview with MO*magazine the State Security specified: 'The Congolese secret service has always had its presence at the Congolese embassy, inter alia to keep an eye at Congolese opposition groups. A tiny part of that opposition lately has become more radicalised, which explains why the Congolese authorities show more interst for their activities. This does not mean that there would be more Congolese spies in Belgium than before.'

The Belgian weekly P-magazine reports on an incident at Brussels Airport involving security guards of El Al, the Israeli airline. Later the incident is also discussed in the Belgian parliament: 'In line with practices that have been tolerated during the past thirty years, security guards of the airline in question partly do perform security tasks on their own without the existence of clear, formal agreements about it', State secretary Etienne Schouppe commented.  Schouppe announced that such an agreement was being discussed and later also added that two Israeli security guards have a permit to carry a gun in the airside zone of Brussels Airport.


In Estonia Herman Simm is arrested for treason. During 13 years, Mr Simm had been passing on information to Russia. At the end of his carreer Simm headed the National Security Authority in Estonia. He had access to top secret documents exchanged between NATO member states. Likewise Simm had a clearence for EU classified information (EUCI) as in Brussels he took part in meetings of the Commission Security Policy Advisory Group and the Council Security Committee, two EU advisary councils on information security.  A NATO report called Simm the 'most damaging spy in the alliance's history'. He was sentenced to 12,5 years imprisonment.

The Belgian State Security informs Justice minister Jo Vandeurzen about attempts of electronic attacks against email accounts of the federal government, probably emerging from China –alghough clear cut evidence was missing. Alain Winants, head of the State Security: 'The attacks clearly were well directed, aimed at certain people in Belgian government offices in charge of files related to European affairs and energy.' The attackers also used social engineering in order to convince the Belgian officials to open the emails they received.

In the Summer of 2008 Alain Winants, head of the State Security, asks Mohamed Yassine Mansouri, chief of the Moroccan intelligence agency DGED, to call back three of its officers from Belgium. Only a few months before the Belgian Moroccan Abdelkader Belliraj –a former informant of the State Security– had been arrested in Morocco for terrorism; the State Security claims it only found out through the media.

According to Winants the measures against the three Moroccan officers were not related to the Belliraj case. Winants: 'Repeatedly there have been problems with the DGED in terms of interference. The Belliraj case was the straw that broke the camel's back; we noticed a blatant unwillingness on the Moroccan side to cooperate.'

The relations between the State Security and the DGED deteriorated so bad that the DGED not only withdrew three officers but all its personnel from Belgium. Moroccan ambassador Samir Addahre: 'The antenna was completely shut down; it was the first time in our years of friendship that happened.'

Six people questioned during the Belgian judicial inquiry into the Belliraj terrorist network testified about activities of the DGED in Belgium, supposedly ranging from blackmail over intimidation to outright threats.


Eavesdropping equipment is discovered in the Brussels apartment of Gorka Elejabarrieta Diaz, lobbyist for the Basque nationalist political party Batasuna. Behind the plinth in Diaz's living room a microphone with sender (serial number 139SV5.1) had been hidden. Diaz filed a complaint at the local police department of Ixelles, the Brussels prosecutor's office launched an inquiry and the Federal Prosecutor's Office took over. The espionage affair also led to a parliamentary debate, in which Justice minister Laurette Onkelinx said: 'One can't say that the Belgian State Security at this moment is equipped to cope with any type of threat, including espionage activities by third parties on our territory.' It was the first time in recent history that a Belgian minister acknowledged that the situation of foreign intelligence activities in Belgium had become problematic.

Over one thousand CIA-operated flights have used European airspace from 2001 to 2005, says the European Parliament's Temporary Committee on the alleged use of European countries by the CIA for illegal activities. In its final report on illegal CIA activities, the European Parliament asked the Belgian government to reveal the results of all investigations into the use of Belgian airports and airspace by airplanes involved in extraordinary rendition. Also the Belgian Standing Intelligence Agencies Review Committee launched an inquiry. In the CIA rendition case, no smoking gun related to Belgium has ever been made public.

Congolese VIPs visiting Brussels are sometimes accompanied by bodyguards who are members and formers of criminal African gangs. Such was the case during the visit of Olive Sita di Lembe, the wife of the Congolese president Jopseh Kabila. According to sources within Belgian intelligence the gang members had been recruited by the Congolese embassy in Brussels to maintain the order during di Lembe's visit. In other occasions the Congolese intelligence agency Agence Nationale de Renseignements (ANR) would call on gang members to spy on Congolese diaspora in Brussels. The Congolese embassy denied the accusations but Foreign minister Steven Vanackere confirmed the story in the Belgian parliament.


The Terrorist Finance Tracking Program, a secret US government program to access the SWIFT database, is revealed by several American newspapers. Based in Terhulpen near Brussels SWIFT –the Society of Worldwide Interbank Financial Telecommunication–secures communication between 10.000 financial institutions in 212 countries. Through the secret program of the Bush administration American counterterrorism officials could access the data of SWIFT traffic. The Belgian prime minister Guy Verhofstadt claimed not to be aware of this. Only four years after the news broke, the US reached an agreement with the EU regarding the exchange of SWIFT data.


Between 2002 and 2006 a dozen spin offs of Liege University, all located in the science parc of Sart-Tilman, have become the victim of remarkable burglaries. Whereas expensive equipment in the offices of the companies was left untouched by the thieves, hard disks containing sensitive data on clients and r&d had been stolen. The companies in question –Keyobs, Centre Spatial de Liège, BEA, BATS, EVS, AMOS, Greisch Ingénierie, Star Informatic, BMC Software, PI2– are active in high technological industries such as space and defense, which makes the assumption of economical espionage very plausible. 

The Brussels based private intelligence company European Strategic Intelligence and Security Center (ESISC), headed by former French spy Claude Moniquet, claims that the Chinese Students and Scholars Association –a Chinese student organisation– runs an international espionage network from Belgium: 'Priority targets are laboratories of big universities, pharmaceutical firms and high technological companies.' The State Security claims not to posess any information confirmng the existence of such a network.


In its Activities Report 2004 (the first of its kind in 175 years!) the Belgian State Security writes it is following the activities of the Chinese intelligence services. 'The technological and scientific knowledge that China needs in order to develop often has to be taken from abroad. The Chinese secret services show a special interest for the scientific and economical potential.'

In the Summer of 2004 the American CIA sends a secret note to the Belgian State Security: 'In the spirit of our close missile nonproliferation partnership, we would like to alert you to a matter of potential proliferation concern and request your government's assistance in investigating this activity. The U.S. has information that an Iranian company is attempting to purchase a hot isostatic press from the Belgium firm Engineered Pressure Systems International N.V. (EPSI).' A few months later another CIA note is sent in order to prevent the export, that eventually does take place however. The socalled Epsi affair leads to the resignation of Koen Dassen as head of the State Security.


A phone interpherence in the Justus Lipsius building, the headquarters of the European Council in Brussels, leads to the discovery of five black boxes with espionage equipment hidden in the concrete walls of the building. The black boxes –which probably had been there already for eight years– could be activated from outside Justus Lipsius and were connected to telephone lines of the delegation rooms of France, Italy, Germany, the UK, Spain and Austria. According to Alexandro Legein, head of the Council's Security Office, the equipment was 'highly sofisticated' and a 'good example of craftsmanship'.

The succesful intelligence operation only had been discovered because a third party had manipulated one of the telephone lines linked to the black boxes, in order to find out which position the EU's member states would take concerning the upcoming military invasion in Iraq. Three months after the discovery, the Belgian Federal Prosecutor's Office launched an inquiry into the case; in 2010 it will decide not to prosecute anybody. An inquiry by the Belgian Standing Intelligence Agencies Review Committee raises the question of possible Israeli involvement.


The French newspaper Libétration reveals that the British EU official Desmond Perkins, in charge of encrypting the communication at the European Commission, had the encrypting systems tested by the American National Security Agency. One of Perkins' parents worked there.

Lernout & Hauspie, a once promising Belgian speech technology developer, is declared bankrupt after its stock market figures had dramatically declined following fraudulent constructions. According to Belgian journalist René De Witte the company had been infiltrated by the German Bundesnachrichtendienst.

History of cold war espionage in Brussels

Already since the Cold War Brussels has been one of the world's hot spots for espionage. Research in the intelligence archives of Berlin, Budapest, Bucharest, Prague, Sofia and Warsaw reveal the 007 dimension of Europe's capital city. 

In 1967, NATO moved its operational and political headquarters from France to Belgium. The Belgian government was very much aware of the espionage threat triggered by the relocation. 'As Brussels has become an important center of the western world, we have to prevent it from also becoming an important center of espionage', state the minutes of the Belgian cabinet meeting of 21 April 1967. All in vain. The Belgian capital became the target of the KGB, the East German Stasi, the Romanian Securitate and Hungarian, Bulgarian, Polish and Czechoslovak intelligence officers.

Impossible to tell exactly how many spies were active in Brussels during the Cold War. Documents in the archives of the intelligence services of six former Warsaw Pact countries do give an idea of the magnitude however. In the eighties, the Stasi residence in Brussels (codename 'Residence 211') sent information originating from 59 different sources to the spy headquarters in Berlin. In the same period of time, 75 different Stasi operatives stayed over in Belgian hotels. Together that makes at least 134 East German intelligence officers and agents.

Next comes the Soviet Union. The Belgian State Security estimates the number of Soviet intelligence officers in Belgium during the first half of the eighties between 40 and 45. Of course not all eastern bloc countries used to send so much spies to Brussel. At the end of the eighties, the Czechoslovak embassy in Brussels e.g. employed seven spies under diplomatic cover. But what is for sure, is that hundreds of spies walked the streets of Brussels during the Cold War.


To hide their espionage activities, foreign spies operated under a cover. They pretended to be journalist, businessman or lobbyist. The most popular cover was the diplomatic one. Not surprisingly, as diplomats as a rule set up networks in different circles in their host country –nothing odd about that. That diplomats hold legal immunity, came in handy as well.

Some examples. In 1976, Kurt Berliner started working as the first secretary at the GDR embassy in Brussels. But he also was the resident, the chief of the local espionage department. Berliner often visited the Belgian ministry of Foreign Affairs, went for dinner with its officials, and later reported back to Berlin back in secret notes. To set up his network, Berliner frequented the prestigious Club International Château Saint-Anne in Brussels, still existing today.

Another spy operating under diplomatic cover was the Hungarian Marton Szecsödi, taking up his position in Brussels in 1967. In fact, the State Security had given a negative advise before his arrival –Szecsödi was known to be an intelligence officer. Nevertheless he received an accreditation from the Belgian ministry of Foreign Affairs. Szecsödi was tasked with collecting information that could enforce Budapest's negotiation position, as Hungary was exporting agricultural products to the then European Economic Community. One of his targets in Brussels was the Hungarian economist Alexandre Lamfalussy, the later founding president of the European Monetary Institute in Frankfurt, forerunner to the European Central Bank. Lamfalussy, who also became famous as one of the fathers of the euro, never fell for the recruitment attempts of the Hungarian secret service though.

The Polish secret service sent an intelligence officer codenamed Rycki to the famous College of Europe in Bruges, in order to recruit its headmaster Jerzy Lukaszewski –which failed. Polish spies were interested in the network of alumni as many former students of the College of Europe take up senior positions in the European administration. Also the Soviet KGB and the Hungarian secret service showed interest for the institute in Bruges.

Economic espionage

Already at the end of the sixties, the European Economic Community had become a point of interest for foreign spies, but the first and foremost espionage target in Brussels not surprisingly was NATO. Especially the Stasi managed to penetrate its political headquarters during many years. Stasi agent Rainer Rupp e.g. worked there from 1977 until 1993, sending over thousand classified NATO documents to Eastern Berlin.

Next to military and political intelligence also economic espionage grew more and more important during the Cold War. According to a document of the US Defense Intelligence Agency, dated June 1989 and released after a FOIA request, 'theft and illegal diversion of Cocom-restricted equipment and technology [had] become the highest overall priority of Soviet and most other Warsaw Pact intelligence services. The entire range of overt, covert and clandestine methods was employed in this effort, most evidently through human intelligence.'

In 1992 the Belgian State Security managed to uncover a network of agents that had been secretly passing on technological information to the KGB. The counter espionage operation, codenamed Glasnost, ended the secret double lives of, among others, journalist Guido Kindt and engineer Francis Collard. Suspected of espionage, both were detained for a couple of weeks but eventually they have never been prosecuted.

Belgian counter espionage

During the eighties, the B4 brigade of Belgium's State Security was in charge of counter espionage. It had a workforce of about 100 intelligence officers. Within the Belgian military secret service, department SDRA III (some 80 employees), headed the spy hunt. 180 spy catchers, not too much bearing in mind Brussels' international role. For that reason cooperation with allies –exchanging intelligence via encrypted cables– was a necessity. Belgium's spies main partners were the French, British, West Germans and Americans. And of course neighbors Luxemburg and the Netherlands. The heads of service also exchanged intelligence within the framework of the Club de Berne –set up in 1971 by the Netherlands, France, Italy and Belgium.

A glimpse of the everyday life of the Belgian counter espionage: scrutinizing hotel registration cards of foreigners, boarding passes of airplane passengers and migration files, especially of West Germans. Much attention obviously was paid to the embassies of Warsaw Pact countries (at one point a secret observation post opposite the Russian embassy was hindered by a growing tree that blocked the sight. After cutting its branches and poring gasoline into the tree proved unsuccessful, the military secret service finally aborted the surveillance operation).

Foreign diplomats leaving the capital city were tailed by shadowing teams. For years, the military secret service tried to figure out why the idyllic village Suxy, in the south of Belgium, was so popular with Soviet diplomats. Why were they going there almost every weekend? Merely for picking mushrooms and enjoying nature? Or was the KGB secretly operating dead letter boxes there, or hiding communications equipment? Tail teams of Belgium's counter espionage would once a month cover the route between Brussels and Suxy. All in vain. The Russian's mission in Suxy remained a mystery, although Stasi spy Kurt Berliner claims the goal was to verify whether Belgium was building new rocket launch sites. 

Another unsuccessful counter espionage operation: at the end of the seventies, both the State Security and the military secret service started systematically surveilling female NATO secretaries that were single. On the day of their birthday, the young ladies were followed as from the moment they left their offices in order to check whether they would fall prey to handsome East German Romeo's. No one got caught.

Remarkably enough, during the Cold War counter espionage was virtually non existing within the European institutions. At the end of the eighties the European Commission hired Pieter De Haan, former head of the Dutch civil intelligence service BVD, to professionalise its Bureau de Sécurité (Security Office). New employees from European member states were attracted, among whom several experts counter espionage.

The European Council waited even longer to set up a real counter espionage policy. In 2000,  the then-Deputy Secretary General Pierre de Boissieu hired Alexandro  Legein, a former Belgian State Security officer who in the last 15 years had been security  director  for a number of multinational companies, to reorganise the Security Office of the Council. Legein quickly realized that in order to meet the espionage challenge posed by the emerging EU Common Security and Defense policy, he needed to include an effective counter espionage component in his reorganisation blueprint.

Persona non grata

During the Cold War, the Belgian secret services succeeded in unveiling a certain number of espionage cases. In the 25 years after the relocation of NATO to Belgium, some ninety Warsaw Pact spies were forced to leave the country, the majority of them Soviets. They were declared persona non grata or left on their own initiative after their clandestine activities had been exposed. The measure of expelling foreign spies –a sensitive matter in bilateral relations– was only taken when they had seriously crossed the line. Often it made more sense to let unmasked spies do their thing –and at least know what they were doing– then to kick them out.

A certain number of successes were the result of their own counter espionage achievements –such as double agent operations. In other cases the Belgians were simply lucky that an enemy had decided to switch sides. But in many cases the smoking gun game from an ally –not seldom the Americans. The CIA e.g. informed Belgium about the clandestine contacts between the Belgian army colonel Guy Binet and some Russian runners, and also Stasi mole Rainer Rupp only could be unmasked through intelligence from the US.

History repeating

The Fall of the Berlin Wall in 1989 marked the end of the Cold War. Two years later, the Soviet Union imploded. Countries from the former Warsaw Pact joined the EU and NATO. These geopolitical developments also had consequences for the world of intelligence. The State Security and the military secret service scaled down their counter espionage capacity. But meanwhile Brussels remained an important espionage capital.


This website is currently under construction. It was launched on 1.06.2011 and taken offline on 1.09.2014 due to back office problems. It will be relaunched during 2016. is the website of the Belgian journalist Kristof Clerix. Contact details:

Kristof Clerix, Knack, Raketstraat 50 bus 2, 1130 Brussels, Twitter: @kristofclerix.

Through his agent Read My Lips ( you can book Clerix for lectures on espionage.