Belgium Launches Investigation into China-Linked Cyberattack on Intelligence Agency

Belgium Launches Investigation into China-Linked Cyberattack on Intelligence Agency

Belgium is currently facing a significant cybersecurity incident involving an alleged data breach of its state security service, known as the VSSE. This incident highlights the ongoing threat posed by cybercriminals, particularly state-sponsored hackers, and underscores the importance of robust cybersecurity measures.

Details of the Alleged Data Breach

The Belgian federal prosecutor’s office confirmed that an investigation into a cyberattack was initiated in November 2023 after reports of the breach came to light. The TechCrunch report indicates that this situation follows an earlier article by Le Soir, a French-language Belgian newspaper.

Involvement of Chinese Hackers

According to reports, a Chinese hacking group gained unauthorized access to the VSSE’s external mail server from 2021 to 2023. The hackers exploited a vulnerability in software developed by the U.S. cybersecurity firm Barracuda.

The Vulnerability

The critical flaw, first disclosed in May 2023, impacts Barracuda’s Email Security Gateway (ESG), which serves as a firewall for filtering potentially malicious content in emails. Key points about this vulnerability include:

  • Allowed hackers to exfiltrate sensitive data.
  • Reportedly targeted government agencies, making up nearly a third of affected organizations.
  • Identified as a zero-day exploit by cybersecurity experts at Mandiant.

In response to the situation, Barracuda urged its customers to replace affected ESG appliances and rotate any compromised credentials. The company also recommended checking for signs of compromise dating back to October 2022.

Impact on Belgium’s State Security Service

As reported by Le Soir, the Chinese-backed hackers were able to exfiltrate approximately 10% of the VSSE’s incoming and outgoing emails. While classified information remained secure, personal data of nearly half of the agency’s employees was compromised. This data included:

  • Identity documents
  • Resumes
  • Internal communications
READ ALSO  Effortlessly Eliminate Security Vulnerabilities with Backline's Automated Remediation

Response from VSSE

Following the breach, it was reported that the VSSE ceased using Barracuda’s products. The incident first came to public attention in July 2023, raising concerns about the security measures in place to protect sensitive information.

For more information on cybersecurity and data protection, you can visit the Cybersecurity and Infrastructure Security Agency (CISA) website, which offers resources and guidelines on safeguarding against cyber threats.

This incident serves as a reminder of the critical need for organizations, especially government agencies, to continually assess and strengthen their cybersecurity posture in the face of evolving threats.

Similar Posts

Google Patches Critical Chrome Zero-Day Vulnerability Targeting Journalists in Recent Hacking Campaign

Google Patches Critical Chrome Zero-Day Vulnerability Targeting Journalists in Recent Hacking Campaign

Bysupport

Google has released a security update to address a critical zero-day vulnerability in Chrome for Windows, identified as CVE-2025-2783. Discovered by Kaspersky, this flaw allows hackers to bypass Chrome’s sandbox protections, affecting Chrome and other Chromium-based browsers. The vulnerability was exploited in a phishing campaign known as Operation ForumTroll, targeting individuals with fake invitations to a Russian political summit. Kaspersky suggests the exploit may be linked to state-sponsored hacking efforts aimed at espionage. Users are urged to update their browsers regularly to safeguard against such threats and ensure their data remains secure.

China Strikes Back: Google Antitrust Investigation in Response to Trump Tariffs

China Strikes Back: Google Antitrust Investigation in Response to Trump Tariffs

Bysupport

In response to escalating U.S.-China tensions, China has launched an antitrust investigation into Google, led by the State Administration for Market Regulation. This move follows President Trump’s recent tariffs on Chinese imports and aims to examine Google’s alleged monopolistic practices, despite its limited operations in China since 2010. The investigation underscores China’s commitment to enforcing market competition laws. Concurrently, Beijing has implemented retaliatory tariffs on U.S. coal, oil, and agricultural equipment, among other measures. This development intensifies the trade conflict between the two nations, which had recently shown signs of stabilization. Further updates are anticipated as the situation evolves.

North Korea Linked to $1.4 Billion Bybit Crypto Heist: Researchers Uncover Shocking Allegations

North Korea Linked to $1.4 Billion Bybit Crypto Heist: Researchers Uncover Shocking Allegations

Bysupport

Hackers have stolen approximately $1.4 billion in Ethereum from the crypto exchange Bybit, marking the largest crypto heist to date. Investigators, including ZachXBT and blockchain monitoring firm Elliptic, suspect North Korea’s Lazarus Group is behind the attack, citing patterns linking the theft to previous hacks involving other exchanges. North Korea has been implicated in at least 58 crypto heists, with reports suggesting it stole over $650 million in 2024 alone. Experts from TRM Labs also attribute the hack to North Korea, while Bybit has not commented on the allegations as investigations continue.

Exposed: How Stalkerware Apps Cocospy and Spyic Compromise the Privacy of Millions

Exposed: How Stalkerware Apps Cocospy and Spyic Compromise the Privacy of Millions

Bysupport

Recent reports reveal a serious security vulnerability in phone-monitoring apps Cocospy and Spyic, compromising personal data of millions. Security researchers found a flaw that allows unauthorized access to sensitive information, including messages and photos, and exposes the email addresses of users who installed these stalkerware apps. Over 2.6 million email addresses were reportedly collected from the apps’ servers. Marketed as parental control tools, these applications can be misused for covert surveillance. Users are advised to check for these apps on their devices and strengthen security measures. Resources for support against stalkerware are available from organizations like the National Domestic Violence Hotline.

Nomura-Backed Komainu Secures $75 Million Investment in Bitcoin Revolution

SEC Closes Investigation into Robinhood Crypto: What This Means for Investors

Bysupport

The SEC’s decision to drop its investigation into Robinhood Crypto has sparked significant interest within the cryptocurrency community. Initiated in early 2021, the investigation focused on Robinhood’s compliance with regulatory requirements and user protection. The SEC’s recent conclusion may be due to Robinhood’s improvements in compliance, insufficient evidence for further action, and shifting regulatory priorities. This development is likely to enhance user confidence in Robinhood, bolster its market position, and influence future cryptocurrency regulations. As the market evolves, Robinhood and similar platforms must remain adaptable to ongoing regulatory changes.

Grubhub Data Breach: Impact on Customers and Drivers Revealed

Grubhub Data Breach: Impact on Customers and Drivers Revealed

Bysupport

Grubhub has confirmed a significant data breach affecting the personal information of customers and drivers. Unauthorized access occurred through a compromised third-party service provider, prompting Grubhub to launch an investigation and terminate the provider’s access. The breach exposed names, email addresses, phone numbers, partial payment card information, and hashed passwords, while bank account details and Social Security numbers remained secure. Grubhub’s response underscores the need for enhanced data security in the food delivery industry. The company has not disclosed the number of affected individuals or the breach’s timing, and inquiries about further details remain unanswered.