Intruders leverage Log4j flaw to breach Belgian Defense Department

Written by
Dec 20, 2021 | CYBERSCOOP

Parts of the Belgian Defense Ministry’s computer networks have been down since Thursday after a cyber incident in which attackers exploited the Apache Log4j vulnerability, government officials said.

“All weekend our teams have been mobilized to control the problem, continue our activities and warn our partners,” spokesperson Olivier Séverin told news publication VRT. “The priority is to keep the network operational. We will continue to monitor the situation.”

Log4j is a widely used logging software present in hundreds of millions of devices. Hackers associated with the governments of China, Iran, North Korea and Turkey have all raced to take advantage of the exploit, according to Microsoft and Mandiant researchers. Ransomware groups have also sought to exploit the vulnerability.

The Belgian Defense Ministry is the first reported high-profile government victim of the vulnerability, but unlikely to be the last given the ubiquity of Log4j in a host of enterprise software popular in the public and private sector.

Affected parts of the Belgian network were segmented after the attack was discovered, Séverin says. Systems including email appear to still be down as of Monday morning.

The Belgian government has not attributed the

Read More: