Belgium’s Ministry of Defense was targeted by a significant cyberattack exploiting a recently discovered vulnerability in a popular logging tool, officials have confirmed, noting they are still attempting to secure the network.
The security breach was initially detected last week, but only publicized on Monday by ministry spokesman Commander Olivier Severin, according to a local media report.
“[The Defense Ministry] on Thursday discovered an attack on its computer network with internet access,” Severin said, adding that “all weekend our teams have been mobilized to control the problem, continue our activities and warn our partners.”
A spokesperson for Defense Minister Ludivine Dedonder also told Politico that the ministry was “working hard” to secure the network, though officials have yet to comment on the origin of the attack.
The breach reportedly targeted a security flaw in a widely used utility known as Log4j, a fault that was first observed by cyber experts earlier this month, stoking fears that hackers could use the vulnerability to compromise millions of devices. While many attackers have exploited the flaw to install cryptocurrency mining software on computers without the owners’ knowledge, others have taken aim at businesses and even government agencies, according to Check Point, an Israel-based cyber security firm.
Companies and officials in Belgium and beyond have raced to patch up the vulnerability, with Google reportedly tasking 500 engineers to ensure its code is airtight, while the US Cybersecurity and Infrastructure Security Agency issued an emergency directive last week urging other federal agencies to fix the flaw.