Belgium’s Military Suffer From Log4j Attack

The Belgian military has been hit by a cyber attack against parts of its network, which is  gradually being restored, following an attack on the national Defence Ministry via Log4shell vulnerabilities. The Ministry said the incident began in December and that, while it's been working to keep networks running, some parts of its networks are still  not working. 

State-backed hacking groups including those with ties to China, Iran, North Korea and Turkey have been using a vulnerability in Log4j software are though to be the perpetrators.

Log4j is a common piece of code and the vulnerability has led to widespread concern, but no other attacks on Belgian companies or institutions have yet been reported. A spokesperson for Belgian Defence Minister said that "the ministry's teams have been working hard in past days to secure its networks" and that the Belgian government will continue to invest in cyber security defences.

The Ministry's Facebook page published a statement telling inquirers not to expect full service from its sites yet. "Because of technical problems, we are unable to process your requests via www.mil.be or answer your questions via Facebook. We are working on a solution and thank you for your understanding." it said

The attack took place on December 16 and according to a Belgium military spokesman, the incident caused damage to internet-connected services, which in turn halted part of the ministry’s activities.

Since the attack, an investigation has been carried out and the ministry is currently restoring all disrupted services. Belgium’s Defence Minister Ludivine Dedonder has said, “the ministry’s teams have been working hard in past days to secure its networks.”

While the investigation into the incident continue, no announcements have been made about who the suspected threat actor is.

VRT:        Defence.Be:     ITSecuritGuru:   Infosecurity Magazine:     DefencePost:     

Politico:     Infosec Today:       Cyberwire:   

You Might Also Read:  

Critical Fault with Log4j Software

 

« Britain's HMRC Tax Agency Admits Numerous Data Breaches
Malicious Joker App Gets Half A Million Downloads »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Blue Solutions

Blue Solutions

Blue Solutions is a consultancy-led, accredited software distributor who provides IT solutions and support to small and medium enterprises.

Messageware

Messageware

Messageware is the market leader in securing, enhancing, and customizing Microsoft Exchange and Outlook Web App.

Air Informatics

Air Informatics

Air Informatics LLC provides security, information management, analytics and informatics for IT and wirelessly enabled airplanes and operations.

GreyCortex

GreyCortex

GreyCortex uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

White Bullet

White Bullet

White Bullet’s risk profiling AI detects, dynamically scores and flags unsafe domains, apps and advertising.

Gordian Networks

Gordian Networks

Gordian Networks offers complete managed IT services and IT support for small to large businesses.

Exterro

Exterro

Exterro is a leading provider of e-discovery and information governance software specifically designed for in-house legal, privacy and IT teams at Global 2000 and Am Law 200 organizations.

Path Forward IT

Path Forward IT

Path Forward IT has been troubleshooting, architecting, migrating, protecting, and securing IT environments for businesses across the USA since 2002.

6clicks

6clicks

6clicks is an easy way to implement your risk and compliance program or achieve compliance with ISO 27001, SOC 2, PCI-DSS, HIPAA, NIST, FedRAMP and many other standards.

Scholarly Networks Security Initiative (SNSI)

Scholarly Networks Security Initiative (SNSI)

SNSI brings together publishers and institutions to solve cyber-challenges threatening the integrity of the scientific record, scholarly systems and the safety of personal data.

StarLink

StarLink

StarLink is an acclaimed Value-Added Distributor across the Middle East, Turkey and Africa regions with on-the-ground presence in 20 countries including UK and USA.

IONOS

IONOS

IONOS is a leading provider of cloud infrastructure, cloud services, and hosting with more than 8.5 million customers contracts.

NextGen Cyber Talent

NextGen Cyber Talent

NextGen Cyber Talent is a non-profit providing a platform to increase diversity and inclusion in the cybersecurity industry.

Rhodian Group

Rhodian Group

Rhodian Group (formerly Adar) specialize in providing Technology, Cybersecurity, and Compliance services to the insurance industry.

Dion Training Solutions

Dion Training Solutions

Dion Training Solutions offer comprehensive training in areas such as project management, cybersecurity, agile methodologies, and IT service management.

Infinavate

Infinavate

Infinavate Fort CyberVault offers end-to-end services that comprehensively responds to the organization’s information security and privacy needs.