cyber attack on the SPF Interior in Belgium

Giuseppe Gagliano’s article on the cyber attack on the SPF Interior in Belgium, followed by the one on the Belnet network

Belgio sotto attacco informatico, tutti i dettagli

Last March, the SPF Interior, the Belgian Interior Ministry, discovered that it was the target of “a complex, sophisticated and targeted cyber attack”. The Federal Prosecutor and an investigating judge from Brussels are conducting a judicial investigation to try to find out the source of the action. The offensive was so large that it could only be carried out and coordinated by a foreign state.
The Center for Cyber Security in Belgium (CCB) confirms the importance and high complexity of the attack. In March 2021, CCB computer experts found traces of suspected manipulation dating back to April 2019.
This is a very complex attack, for which hackers have resorted to techniques specifically designed to infiltrate a network, undetected and to stay there as long as possible. The complexity of this attack indicates that he is an advanced and competent aggressor with extensive cybernetic capabilities.
The SPF Interior carries out missions such as security on Belgian territory (public order, assistance to the population, crisis management) or the registration and identification of persons (national register, identity documents). But the current investigation prevents the services from saying more.
Olivier Maerens, Director of Communications at the SPF Interior, confirms that the determination and discreet character of this actor arouse suspicion of espionage. He points out, however, that hackers have not been able to reach confidential information. In fact, they are located on servers with a higher security level.
On 4 May, another large-scale attack targeted the Belnet network, which links higher education institutions and universities, research centres and public administrations. This attack had in particular caused the cancellation of committee meetings in the House.
Olivier Maerens, SPF Communications Director Are the two offensives connected? Nothing allows us to affirm it or exclude it at this stage.
In the case of Belnet, it was a Ddos attack (or denial of service attack) in which a huge amount of data is sent to the servers until they are overloaded.
On the other hand, the offensive that hit the Ministry of the Interior was of a different nature and of even greater refinement. It was not intended to saturate websites or demand a ransom.
Olivier Maerens, SPF Communications Director Le This is what makes the SPF Interior say that the complexity of this attack indicates an actor who has cybernetic capabilities and extensive resources. The authors acted in a targeted manner, which suggests espionage.
The CCB stresses that the ongoing investigation must allow us to understand how the attackers managed to enter the system. We cannot say that we will find the exact modus operandi, given the complexity of the attack, and the attribution of the attack is very difficult.