Following the recent cyber attacks on several municipalities, the Flemish government will set up a "war room" to support local governments in their fight against cyber attacks, Flemish Home Affairs Ministers Bart Somers announced on Monday.
After the city of Antwerp last week, Diest (in the Flemish Brabant province) and Zwijndrecht (Antwerp province) have now been hit by cyber attacks. Meanwhile, the Antwerp attack has been claimed by the hacker collective Play, which is threatening to publish all the data in its possession if the city does not pay a ransom.
"They are not the first, but certainly not the last cyber attacks. Professional hackers are carrying out attacks on an industrial scale," said Somers in a press release. "It is even possible that some cities and municipalities have already been hacked but the criminals are waiting for the right moment to take everything down."
Currently, the internal operations and services in Antwerp are severely disrupted; the hacker collective claims to have stolen 557 gigabytes of data and demands a ransom. If the City of Antwerp refuses to pay, the hacker collective said that it will publish all documents.
Setting up a war room
Last night, the city of Diest also fell victim to a cyber-attack, affecting its internal and external operations; the municipality of Zwijndrecht was hit as well. Somers called for a "war room that can support our local governments". The minister also urged authorities to carry out cyber audits, for which Flanders has provided funds. "142 local governments have already signed up for cyber-audits, I call on the other 158 to do the same as soon as possible."
To prevent attacks, the Flemish Government is working with ethical hackers – mostly ICT students from the HOWEST college who help local governments detect where and how to strengthen cyber security.
Lessons learned from the attack in Antwerp are being passed on immediately to the service providers of the other local authorities, which will receive a checklist of the most important points. An info session with all local authorities is planned in consultation with Minister-President Jan Jambon and the Association of Flemish Cities and Municipalities (VVSG).
"Prevention is better than cure but it is likely that other local governments will be victims," said Somers. "The moment cyber attacks like those in Antwerp and Diest occur, local governments need to know what to do and who to turn to."
Therefore, the Flemish Government will set up an inter-federal "war room," from which all communication with local governments will be coordinated with a Single Point of Contact (SPOC) for each local government. "Flanders must be able to help cities and municipalities swiftly."
In the meantime, the Centre for Cybersecurity in Belgium (CCB) has no indications that specific municipalities are targeted in Belgium. CCB spokesperson Katrien Eggers told VRT that ransomware is not a new phenomenon and that "Hackers simply look for vulnerabilities to exploit in IT systems."
- City of Antwerp hit by cyber attack
- December 2021 cyberattack cost Defence Ministry €2.25 million
- 'Cybersecurity' master's programme launched at KU Leuven
There are currently no indications that the same person(s) are behind the various attacks, Eggers stated, pointing out that the CCB has been warning of cyber attacks for several years.
Though no additional campaign to improve cyber security is planned, the CCB will highlight its recommendations again. Robust practices can be found on the cert.be website. "If we know of a concrete threat, we will always communicate it. Companies or organisations are notified if we spot a weak spot but that system is not foolproof," Eggers said.
The CCB helps affected companies, organisations or city councils if they wish but does not communicate the measures taken.