Belgium’s Federal Public Service (FPS) Interior has claimed it has suffered a ‘complex, sophisticated and targeted cyberattack’ to its IT system.
According to HelpNet Security, the FPS Interior found there had been an attack after it called in the Centre for Cybersecurity Belgium (CCB) in March of this year to aid with the patching of the interior’s Exchange servers.
The CCB carried out further monitoring adjacent to the patching and identified ‘subtle leads to questionable acts on the network of the PPS interior’. This investigation found that the attacker had hacked the system in April 2019, meaning that they didn’t exploit the Exchange flaws to get in.
The FPS Interior currently hosts databases that are linked to the country’s immigration affairs, police services, identity card distribution and organisation of national elections.
Citizens and the services provided by the interior have not been affected by the attack, the CCB claimed. However, it added that the likely state-sponsored attacker has access to local data. While no sensitive data has been stolen so far, the ongoing investigation may prove otherwise.
The FPS has commented that their systems have been cleaned and any important information has been secured. This has been followed by a move to completely modernise their IT infrastructure ‘with a view to optimising security as much as possible’.
The FPS added, “The complexity of this attack indicates an actor who has cyber capacities and extensive resources. The perpetrators acted in a targeted manner, which sounds like espionage.”
This attack follows not long after the recent large-scale denial-of-service attack on Belgian communications firm Belnet, a company that provides internet services for Belgium’s parliament, government departments, universities and scientific institutions.
According to Belgian media, online services for coronavirus vaccination centres were partly disrupted and prosecutors’ offices in Brussels underwent some problems.
The Belgian National Security Council also recently approved a new cybersecurity strategy aimed at making one of the least cyber-vulnerable countries in Europe.
Copyright © 2021 RegTech Analyst
Copyright © 2018 RegTech Analyst