Belgium’s Military Suffer From Log4j Attack

Uploaded on 2022-01-03 in TECHNOLOGY--Hackers, GOVERNMENT-Defence, FREE TO VIEW

The Belgian military has been hit by a cyber attack against parts of its network, which is  gradually being restored, following an attack on the national Defence Ministry via Log4shell vulnerabilities. The Ministry said the incident began in December and that, while it's been working to keep networks running, some parts of its networks are still  not working. 

State-backed hacking groups including those with ties to China, Iran, North Korea and Turkey have been using a vulnerability in Log4j software are though to be the perpetrators.

Log4j is a common piece of code and the vulnerability has led to widespread concern, but no other attacks on Belgian companies or institutions have yet been reported. A spokesperson for Belgian Defence Minister said that "the ministry's teams have been working hard in past days to secure its networks" and that the Belgian government will continue to invest in cyber security defences.

The Ministry's Facebook page published a statement telling inquirers not to expect full service from its sites yet. "Because of technical problems, we are unable to process your requests via www.mil.be or answer your questions via Facebook. We are working on a solution and thank you for your understanding." it said

The attack took place on December 16 and according to a Belgium military spokesman, the incident caused damage to internet-connected services, which in turn halted part of the ministry’s activities.

Since the attack, an investigation has been carried out and the ministry is currently restoring all disrupted services. Belgium’s Defence Minister Ludivine Dedonder has said, “the ministry’s teams have been working hard in past days to secure its networks.”

While the investigation into the incident continue, no announcements have been made about who the suspected threat actor is.

VRT:        Defence.Be:     ITSecuritGuru:   Infosecurity Magazine:     DefencePost:     

Politico:     Infosec Today:       Cyberwire:   

You Might Also Read:  

Critical Fault with Log4j Software

 

« Britain's HMRC Tax Agency Admits Numerous Data Breaches
Malicious Joker App Gets Half A Million Downloads »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Tripwire

Tripwire

Tripwire are a leading provider of risk-based security, compliance and vulnerability management solutions.

ADF Solutions

ADF Solutions

ADF Solutions is a leading provider of digital forensic and media storage exploitation tools.

RiskSense

RiskSense

RiskSense empowers enterprises and governments to reveal cyber risk, quickly orchestrate remediation, and monitor the results.

KE-CIRT/CC

KE-CIRT/CC

KE-CIRT/CC is the national Computer Incident Response Team for Kenya.

PSC

PSC

PSC is a leading PCI and PA DSS assessor and Approved Scanning Vendor.

Cyber8Lab

Cyber8Lab

Cyber8Lab provides cybersecurity training programmes simulating real world cybersecurity incidents such as web defacement, malware, phishing, digital forensics analysis and wireless intrusion.

PrimeKey

PrimeKey

PrimeKey provides organisations with the ability to implement security solutions such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation.

exceet Secure Solutions

exceet Secure Solutions

exceet Secure Solutions is your experienced specialist for Internet of Things (IoT), Heath Telematics, electronic signatures and timestamps and IT security.

Digital Resolve

Digital Resolve

Digital Resolve delivers solutions that help companies maintain trust and confidence through proven and cost-effective fraud-protection and identity intelligence technology.

Norsk Akkreditering

Norsk Akkreditering

Norsk Akkreditering is the national accreditation body for Norway. The directory of members provides details of organisations offering certification services for ISO 27001.

Forum Systems

Forum Systems

Forum Systems is a global leader in API Security Management with industry-certified, patented, and proven products deployed in the most rigorous and demanding customer environments.

INE

INE

INE is a premier provider of Technical Training for the IT industry.

Communicate Technology

Communicate Technology

Communicate Technology are IT, telecoms and cyber-security specialists, keeping over 500 businesses and 50,000 users connected and secure across the UK.

CyberArmor

CyberArmor

Cyber Armor defend everyday IT and OT systems, from government agencies to critical infrastructure, from system integrators to small industries.

ClosingLock

ClosingLock

ClosingLock is the leading provider of wire fraud prevention software for the real estate industry.

Leostream

Leostream

Leostream's Remote Desktop Access Platform enables seamless work-from-anywhere flexibility while maintaining security and constant visibility of users.