Government and academic institutions in Belgium suffer massive DoS attack

On Tuesday morning, hundreds of organizations in Belgium experienced the consequences of a massive denial of service (DoS) attack that impacted government offices, legislative bodies, and academic and research institutions. The websites of these organizations were saturated with junk traffic and became useless to visitors.

This attack would have focused on Belnet, the government-funded Internet service provider that works for educational institutions, government information centers, and public services. This attack forced multiple delays in the work of the various organizations concerned, mainly for the organization of virtual conferences.

The Belgian Cybersecurity Centre (CCB) received a report of the attack and is already working to contain it; however, the operators of the attack have been employing multiple DoS techniques, so it has been difficult to stop the interruptions: Dirk Haex, Belnet’s director, says: “The operators of the attack have made multiple modifications to their tactics in real time, making it more difficult to neutralize this attack.”

It has been almost a full day of the attack and Belnet’s services have already been restored, although the company mentions that a monitoring protocol will be implemented in the face of any possible new incidents: “We are aware of the impact on organizations connected to our systems and the possible conditions to users,” Adds Haex.

According to cybersecurity specialists, DoS attacks are designed to disrupt the operation of attacked websites, leaving them out of service by sending an excessive amount of traffic. In many cases, DoS attacks exploit failures on servers, computers, or Internet of Things (IoT) systems for prolonged disruption using botnets, which are huge sets of devices controlled by threat actors.

On the motivations of these hackers, Belnet executives believe the attack would have been motivated simply to disrupt the affected systems, so they do not believe that a data breach or information theft incident has occurred. The organization also rules out that the compromised information has been leaked on the dark web.

For now, the Belgian government has no idea which organization or individual is behind the attack, although a complaint has been filed with the Federal CyberCrime Unit. To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.