Belgium is investigating an alleged knowledge breach of its state safety service (VSSE) by Chinese language authorities hackers.
In a press release despatched to TechCrunch on Friday, the Belgian federal prosecutor’s workplace mentioned an investigation right into a cyberattack was opened in November 2023 after it realized concerning the alleged breach.
This confirms an earlier report by the French-language Belgian newspaper The eveningwhich reported {that a} Chinese language hacking group gained entry to the exterior mail server of the intelligence service between 2021 and 2023.
The unnamed Chinese language hacking group reportedly exploited a vulnerability in U.S. cybersecurity agency Barracuda’s software program. The critical-rated flaw, which Barracuda first disclosed in Could 2023, impacts the agency’s E mail Safety Gateway (ESG) equipment, a firewall for filtering inbound and outbound emails for probably malicious content material.
Barracuda spokesperson Lesley Sullivan informed TechCrunch that “questions relating to any breaches at VSSE are extra appropriately directed to VSSE.” VSSE didn’t reply to TechCrunch’s questions.
Safety researchers at U.S. cybersecurity agency Mandiant beforehand mentioned the vulnerability, which might enable hackers to exfiltrate delicate company knowledge, had been exploited as a zero-day by a China-backed cyber-espionage group to focus on organizations world wide. Virtually a 3rd of the goal organizations had been authorities companies, in accordance with Mandiant.
Although a patch was launched for the vulnerability, Barracuda in June 2023 urged all affected clients to interchange ESG home equipment impacted by the vulnerability. It additionally suggested clients to rotate any credentials related to the home equipment and to test for indicators of compromise courting again to a minimum of October 2022.
In line with Le Soir, China-backed hackers exploited the Barracuda flaw to exfiltrate 10% of the Belgian intelligence service’s incoming and outgoing emails. It notes that whereas categorised info was not affected, the non-public knowledge of virtually half of VSSE’s workers was accessed, together with identification paperwork, résumés, and inside communications.
VSSE reportedly discontinued its use of Barracuda’s merchandise following the cyberattack, which was first reported by native media in July 2023.
Zack Whittaker contributed reporting.
#Belgium #investigating #alleged #cyberattack #intelligence #company #Chinalinked #hackers