Belgium’s Military Suffer From Log4j Attack
The Belgian military has been hit by a cyber attack against parts of its network, which is gradually being restored, following an attack on the national Defence Ministry via Log4shell vulnerabilities. The Ministry said the incident began in December and that, while it's been working to keep networks running, some parts of its networks are still not working.
State-backed hacking groups including those with ties to China, Iran, North Korea and Turkey have been using a vulnerability in Log4j software are though to be the perpetrators.
Log4j is a common piece of code and the vulnerability has led to widespread concern, but no other attacks on Belgian companies or institutions have yet been reported. A spokesperson for Belgian Defence Minister said that "the ministry's teams have been working hard in past days to secure its networks" and that the Belgian government will continue to invest in cyber security defences.
The Ministry's Facebook page published a statement telling inquirers not to expect full service from its sites yet. "Because of technical problems, we are unable to process your requests via www.mil.be or answer your questions via Facebook. We are working on a solution and thank you for your understanding." it said
The attack took place on December 16 and according to a Belgium military spokesman, the incident caused damage to internet-connected services, which in turn halted part of the ministry’s activities.
Since the attack, an investigation has been carried out and the ministry is currently restoring all disrupted services. Belgium’s Defence Minister Ludivine Dedonder has said, “the ministry’s teams have been working hard in past days to secure its networks.”
While the investigation into the incident continue, no announcements have been made about who the suspected threat actor is.
VRT: Defence.Be: ITSecuritGuru: Infosecurity Magazine: DefencePost:
Politico: Infosec Today: Cyberwire:
You Might Also Read:
Critical Fault with Log4j Software: