Belgian defense ministry hacked by attackers exploiting Apache vulnerability

Belgium’s Ministry of Defense was recently hacked by attackers exploiting the massive vulnerability in Apache logging library log4j that has become a worldwide security concern, according to multiple reports. 

A spokesperson for the ministry told Belgian newspaper De Standaard on Monday that the ministry had “discovered an attack on its computer network with internet access” last week and that the organization had taken steps to quarantine the impacted network areas. They confirmed that the attack took place due to the exploitation of the log4j vulnerability. 

The ministry posted on Facebook on Monday that “due to technical issues, we are unable to process your requests via mil.be or answer your queries via Facebook. We are working on a resolution and we thank you for your understanding.”

ADVERTISEMENT

The Hill reached out to both the ministry and a spokesperson for Belgian Defense Minister Ludivine Dedonder for comment. 

Cybersecurity professionals around the world are scrambling to patch the log4j vulnerability before it can be exploited.

Both Microsoft and cybersecurity group Mandiant last week reported seeing government-linked hackers exploiting the vulnerability to target organizations, including those in China and Iran.

The U.S. government has also taken action, with the Cybersecurity and Infrastructure Security Agency (CISA) issuing an emergency directive last week ordering federal agencies to immediately patch their systems against the log4j vulnerability. 

“The log4j vulnerabilities pose an unacceptable risk to federal network security,” CISA Director Jen Easterly said in a statement last week. “CISA has issued this emergency directive to drive federal civilian agencies to take action now to protect their networks, focusing first on internet-facing devices that pose the greatest immediate risk.”