Belgian Defense Ministry confirms cyberattack through Log4j exploitation

The Defense Ministry said it first discovered the attack on Thursday.
Written by Jonathan Greig, Contributor

The Belgian Ministry of Defense has confirmed a cyberattack on its networks that involved the Log4j vulnerability. 

In a statement, the Defense Ministry said it discovered an attack on its computer network with internet access on Thursday. They did not say if it was a ransomware attack but explained that "quarantine measures" were quickly put in place to "contain the infected elements."

"Priority was given to the operability of the network. Monitoring will continue. Throughout the weekend, our teams were mobilized to contain the problem, continue our operations and alert our partners," the Defense Ministry said. 

"This attack follows the exploitation of the Log4j vulnerability, which was made public last week and for which IT specialists around the world are jumping into the breach. The Ministry of Defense will not provide any further information at this stage."

Multiple reports from companies like Google and Microsoft have indicated that government hacking groups around the world are leveraging the Log4j vulnerability in attacks. 

According to Microsoft, state-sponsored hackers from China, Turkey, Iran and North Korea have started testing, exploiting and using the Log4j bug to deploy a variety of malware, including ransomware. A number of reports have noted that since the vulnerability was discovered nearly two weeks ago, cybercriminal groups have sought to not only use it to gain a foothold in networks but sell that access to others, including governments. 

Governments around the world have urged agencies and organizations to patch their systems or figure out mitigations in order to avoid attacks and breaches. The US' Cybersecurity and Infrastructure Security Agency ordered all federal civilian agencies to patch systems before Christmas and Singapore held emergency meetings with critical information infrastructure sectors to prepare them for potential Log4j-related threats.

Centre for Cybersecurity Belgium spokesperson Katrien Eggers told ZDNet that they too sent out a warning to Belgian companies about the Apache Log4j software issue, writing that any organization that had not already taken action should "expect major problems in the coming days and weeks."

"Because this software is so widely distributed, it is difficult to estimate how the discovered vulnerability will be exploited and on what scale," the Centre for Cybersecurity Belgium said, adding that any affected organizations should contact them. 

"It goes without saying that this is a dangerous situation."

Editorial standards