A cyber attack in mid-December brought down part of the Defence Ministry’s computer network for almost four weeks, resulting in staff members not being able to send external emails until Tuesday.
The attack, discovered on 16 December 2021, mainly targeted the ministry’s external mail system, resulting in people trying to mail from outside the Defence network getting a message for the past month stating the mail could not be received. The e-mails did arrive, but staff members were not able to respond to them.
“The attack has now been intercepted. To do so, the network itself was taken offline so we could check everything. Yesterday, after a few weeks, the mail traffic was restarted,” Cédric Maes, a spokesperson for Defence Minister Ludivine Dedonder, told The Brussels Times.
He explained that this took a long time because “we wanted to check the entire system before putting it back online and reconnecting it to the outside world.” The restart will be gradual, and a full recovery is expected from 12 February. The internal mail traffic was restored relatively quickly.
According to Dimitri Modaert of the VSOA military union, the military staff was not even able to conduct simple internet researches. He argued the problems were far from resolved, meaning staff are relying on WhatsApp and other apps to get work done.
“Many of the staff say that they still don’t have access to the systems. There is definitely an administrative impact for the management of a lot of files,” he told Radio 1.
He criticised the lack of clear communication about the attack, or whether it resulted in serious information leaks.
Dedonder’s cabinet could not comment on the cause of the attack or a possible perpetrator. At the time of discovery, the ministry said the attack was a result of Log4Shell critical vulnerability, which was being discovered in systems globally at the time.
It was feared that the bug in Apache’s widely-used software Log4j, an open-source Java logging library that keeps a record of activity within an application, would leave various software vulnerable to hackers.