Belgium’s Military Suffer From Log4j Attack

Uploaded on 2022-01-03 in TECHNOLOGY--Hackers, GOVERNMENT-Defence, FREE TO VIEW

The Belgian military has been hit by a cyber attack against parts of its network, which is  gradually being restored, following an attack on the national Defence Ministry via Log4shell vulnerabilities. The Ministry said the incident began in December and that, while it's been working to keep networks running, some parts of its networks are still  not working. 

State-backed hacking groups including those with ties to China, Iran, North Korea and Turkey have been using a vulnerability in Log4j software are though to be the perpetrators.

Log4j is a common piece of code and the vulnerability has led to widespread concern, but no other attacks on Belgian companies or institutions have yet been reported. A spokesperson for Belgian Defence Minister said that "the ministry's teams have been working hard in past days to secure its networks" and that the Belgian government will continue to invest in cyber security defences.

The Ministry's Facebook page published a statement telling inquirers not to expect full service from its sites yet. "Because of technical problems, we are unable to process your requests via www.mil.be or answer your questions via Facebook. We are working on a solution and thank you for your understanding." it said

The attack took place on December 16 and according to a Belgium military spokesman, the incident caused damage to internet-connected services, which in turn halted part of the ministry’s activities.

Since the attack, an investigation has been carried out and the ministry is currently restoring all disrupted services. Belgium’s Defence Minister Ludivine Dedonder has said, “the ministry’s teams have been working hard in past days to secure its networks.”

While the investigation into the incident continue, no announcements have been made about who the suspected threat actor is.

VRT:        Defence.Be:     ITSecuritGuru:   Infosecurity Magazine:     DefencePost:     

Politico:     Infosec Today:       Cyberwire:   

You Might Also Read:  

Critical Fault with Log4j Software

 

« Britain's HMRC Tax Agency Admits Numerous Data Breaches
Malicious Joker App Gets Half A Million Downloads »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

QA Systems

QA Systems

QA Systems provides software testing solutions for safety and business critical sectors and software safety and security standards.

National Cybersecurity and Communications Integration Center (NCCIC) - USA

National Cybersecurity and Communications Integration Center (NCCIC) - USA

NCCIC is a cyber situational awareness, incident response, and management center for the US Government, intelligence community, and law enforcement.

Secret Double Octopus

Secret Double Octopus

Secret Double Octopus offers the world’s only keyless multi-shield authentication technology for users and things.

Network Box

Network Box

Network Box is one of the world's leading Managed Security Service Providers.

NSEIT

NSEIT

NSEIT offers end-to-end Information Technology products, solutions and services including cybersecurity to organizations in the financial sector.

Ataya & Partners

Ataya & Partners

Ataya & Partners is a consulting company that delivers data protection, cybersecurity and IT & Digital governance services.

Riddle&Code

Riddle&Code

Riddle&Code is a product-led services company specializing in onboarding industries to Web3. The team's mission is to provide a trusted connection between the digital and physical worlds.

SparkLabs Cyber + Blockchain

SparkLabs Cyber + Blockchain

SparkLabs Cyber + Blockchain accelerator is located in Washington D.C. which is one of the world's top cybersecurity ecosystems.

ProSearch Partners

ProSearch Partners

ProSearch Partners are national talent acquisition specialists exclusively focussing on Technology and Digital talent including Cybersecurity, Data Analytics and Execs.

Unit21

Unit21

Unit21 helps protect businesses against adversaries through a simple API and dashboard for detecting and managing money laundering, fraud, and other sophisticated risks across multiple industries.

MalwareFox

MalwareFox

MalwareFox is an advanced, yet simple-to-use anti-malware solution for Windows computers. We provide aggressive detection capabilities and an effective malware removal tool to keep your systems safe.

Surefire Cyber

Surefire Cyber

Surefire Cyber delivers swift, strong response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities.

Legit Security

Legit Security

Legit Security's mission is to secure every organization's software factory by protecting the pipelines, infrastructure, code and people for faster and more secure software releases.

Guardey

Guardey

Guardey protects thousands of SME's environments. Whether your team works at the office, at home, at the customer or remotely. We protect your business. We do this in an accessible and affordable way.

SEALSQ

SEALSQ

For the last 25 years, SEALSQ have been developing secure semiconductor chips, secure embedded firmware, and tested hardware provisioning services to serve the vision of a safer connected world.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.