Posted on May 6, 2021 at 7:19 PM
Websites of many organizations in Belgium, including the country’s parliament, have been temporarily offline on Tuesday. The Distributed denial-of-service (DDoS) attack was directed to an internet service provider, Belnet, which affected about 200 organizations and institutions that use its service.
Research institutions, universities, and public offices were among those impacted by the attack, according to the report.
The DDoS attack overwhelmed the websites of the connected organizations, making them unreachable to visitors, as the attack cut them off from the internet completely.
Belnet is funded by the government and had to reach out to Belgium’s Center for Cybersecurity (CCB) for its assistance to curtail the attack.
No evidence of network infiltration
Belnet Network has commented on the issue, stating that there is no evidence that any network was compromised by the attack.
The ISP added that there is a high indication that the attack was basically to overwhelm the Belnet Network.
DDoS exploits cause a network or traffic jam in a network with traffic from a large number of devices. This can lead to a collapse of the network. In most cases, the perpetrators ask for ransom from their targets but in some cases, it is used as a decoy for other attacks.
No matter the goal of the attack, the victimized organizations generally lose money and can lose their reputation in some cases. The attack in Belgium is another worrying scenario added to the general growing state of cyberattacks government organizations are suffering from all over the world.
Apart from government institutions and universities, it seems the attack also had an impact on online reservation systems for COVID-19 vaccinations. Additionally, the parliament at Wallonia-Brussels Federation was also impacted by the attack, causing it to suspend its committee work.
The DDoS attack was on a massive scale
Belnet has stated that it is aware of the impact of the attack on the organizations and institutions that share its network. The ISP says it has always put the issue of insecurity a priority and has invested a lot to secure its network and servers.
But Belnet says the recent DDoS attack was on a massive scale that impacted its network heavily. And the fact that the threat actors continually change the operational routine and tactics makes it even harder to defuse.
According to the technical director of Belnet, Dirk Haex, the DDoS attack was carried out in successive waves, but Belnet and Belgium’s Cybersecurity Center tried to mitigate the attack to an extent.
The websites’ outages didn’t last long, as the attack was curtailed by Wednesday morning. However, the security team was still highly watchful in case the threat actors still have other plans and ideas they want to unleash.
Precautions are taken for any further attack
Belnet has contacted cybersecurity teams to join forces with its in-house security experts to conclude a final recovery process. It also said impacted customers have been contacted to offer advice and mitigate priority areas. It’s still not clear which individual of the threat group is responsible for the attack. But due to the sophisticated nature of the attack, experts believe the threat actors could be backed by a well-sponsored organization or even a government.
It’s also not clear the motive of the attackers since no ransom demand has been made. But Belnet says it’s taking a precaution on its systems to ensure the threat actors don’t use the DDoS attack as an avenue to launch more serious attacks on its network. It says other affected organizations have been informed to beef up and fortify their security systems to keep the attackers out in case they want to strike again.
A day after the attack, Belnet updated its website, stating that all its services are now back, it’s very vigilant in case the threat actors still want to launch additional attacks. Belnet has also officially filed a complaint about the attack with the Federal Computer Crime Unit.