The Belgian Ministry of Defense had to partially shut down its networks after a cyber attack. A military spokesman confirmed to Belgian media that the unknown attackers penetrated through the hole in the Java library Log4j, which became known ten days ago. The ministry did not provide any information about the perpetrators of the attack.
“The Ministry of Defense discovered an attack on its computer network with Internet access on Thursday,” said the military spokesman. Quarantine measures were then taken to isolate the affected areas. “The priority is to keep the defense network operational.”
Unknown attacker
According to media reports, some network areas had to be shut down. Parts of the network were also unusable on Monday. “We mobilized our teams throughout the weekend to bring the problem under control and to continue our activities,” said the spokesman. The Ministry of Defense did not want to comment on the origin of the attack to the Belgian media.
The serious and comparatively easy to exploit security hole was discovered ten days ago. Last week there were first reports that attackers were exploiting the loophole, also known as Log4Shell, to install malware or ransomware. Among other things, the Conti extortion group is said to be trying to exploit the loophole.
Facebook no longer works either.
(Image: Screenshot / Facebook)
State actors
According to security experts, state actors are already trying to exploit the loophole. Accordingly, the relevant groups from China, Iran, North Korea and Turkey are showing initial activities that range from experiments to exploits of the vulnerability. Observers expect a further increase in state-sanctioned attacks.
In Germany, the Federal Finance Court (BFH) last took its website offline after an attack via the Log4j security hole. Nevertheless, the attack was successfully repulsed and stopped, said a spokesman for the highest German tax court. The attackers would not have been able to access the intranet or sensitive data from tax procedures.
(vbr)