Belgium’s Ministry of Defense confirmed today that it had been hit by a cyber attack. The attackers exploited a vulnerability in Log4j, a utility written in Java, intended to record logs for many applications. The ministry discovered the attack last Thursday. Since then, part of the network has been disabled, including e-mail, but there are no other details for the time being. “The priority is to keep the Defense network operational,” said Ministry spokesman Olivier Séverin. He added that the support team was mobilized throughout the weekend to keep issues under control and as much service as possible, while monitoring the ongoing situation.
Cybersecurity authorities around the world are urgently fixing the vulnerability. At the moment, state-backed hacker groups, including those with ties to China, Iran, North Korea and Turkey, have used Log4j’s vulnerability in attacks, news portals report.
Last week, there was already an alert in the Ministry about the possibility of problems with this widely used software. The issue is still unresolved, according to Belgian media, and the Defense Ministry could still be a victim of intrusion: “The defense will not provide further information at this stage,” said spokesman Séverin.
According to Israeli cybersecurity solutions provider Check Point Software Technologies, a group of hackers associated with the Iranian regime called Charming Kitten or APT 35 exploited Log4j’s flaw to launch attacks against seven targets in Israel, including government websites.
This issue has raised concerns beyond the cybersecurity community, as Log4j is a software component used by millions of computers around the world running online services, potentially making it the most serious computer vulnerability in years, according to National UK Cyber Security Center (NCSC).