The Belgian defense ministry confirmed it was hit by a cyberattack, it seems that threat actors exploited the Log4Shell vulnerability.
The attack was uncovered on Thursday and today the government disclosed it, but according to local media, the security breach blocked the ministry’s activities for several days.
“Hackers exploited a vulnerability in software called Log4j, which was discovered earlier in December, a ministry spokesperson told local media. The ministry uncovered the attack last Thursday.” reported Politico.
At this time the Belgian defense ministry has yet to provide info regarding the attack.
“The ministry’s teams have been working hard in past days to secure its networks,” said a spokesperson for Belgian Defense Minister Ludivine Dedonder. To prevent similar incidents in the future, the government will continue to invest in cybersecurity.
Immediately after the disclosure of the Log4Shell flaw, multiple nation-state actors, including APT groups linked to China, Iran, North Korea and Turkey, started exploiting the flaw in their operations.
(SecurityAffairs – hacking, Log4Shell)