A significant cyber breach has been reported, with a group of Chinese hackers successfully infiltrating the Belgian state security services from 2021 to 2023. This incident, described by local sources as the most substantial breach in the history of the services, highlights growing concerns over cybersecurity vulnerabilities in government institutions.
Exploitation of vulnerabilities
According to a report from the Belgian newspaper Le Soir, the hacking group exploited a known vulnerability in the email system provided by Barracuda, a U.S.-based software supplier. The vulnerability was reported earlier in 2023. The Barracuda email system was used not only by Belgian intelligence but also by the Belgian Pipeline Organisation, an entity responsible for monitoring critical pipeline infrastructure in the North Sea.
Cybersecurity experts from Google’s Mandiant have indicated that this group is likely affiliated with a cyberespionage unit operating on behalf of the Chinese government. This association raises alarms about the potential risks posed by state-sponsored cyber activities.
Scope of the breach
In a recent statement, Le Soir cited multiple sources familiar with the investigation from the State Security Service (VSSE). An internal audit reportedly revealed that the hackers had accessed the external email server used for communications. While the compromised data did not include classified information stored on an internal server, the breach still represents a serious security concern.
“The hackers are believed to have obtained correspondence with the country’s prosecutors’ office, police, a ministerial cabinet, and other institutions, as well as personal data of staff of the intelligence service,” the report stated.
As of now, the VSSE has not responded to requests for comment regarding the breach. This incident underscores the critical need for enhanced cybersecurity measures within government agencies to protect sensitive information from increasingly sophisticated cyber threats.