+49 2641 3703 – 0 +49 2641 3703 – 199 info@monch-group.com

Belgian MoD Hit By Cyber Attack

Unknown Attackers Leveraged Log4J Vulnerability

The Belgian defence ministry has confirmed that some of its networks have been hit by a cyber attack, launched by as-yet unidentified actors, which leveraged recently-discovered errors in the widely used software Log4j.

“[The ministry] discovered an attack on its Internet-enabled computer network on Thursday [16 December],” MoD spokesperson Olivier Séverin told news agencies. “Rapid quarantine measures were taken to isolate the affected parts. Our teams have been mobilised throughout the weekend to keep the problem under control, continue our activities and warn our partners. The priority is to keep the defence network operational.

Log4j is an open-source library used widely by developers to keep records of the activity within their software. Almost all software has development logs and Log4j is a common tool used to carry out this task. A vulnerability in Log4j, called LOG4SHELL (or, formally, CVE-2021-4428), was discovered early in December. The vulnerability is relatively easy to exploit, and can give attackers the ability to steal passwords and credentials, exfiltrate data, and place malware on targeted systems.

Although patches that prevent LOG4SHELL being exploited have been released, Log4j’s widespread deployment means that many systems will include it without users being aware, so may not realise that patching is required for their systems. The UK’s National Cyber Security Centre says LOG4SHELL is “potentially the most severe computer vulnerability in years.”

On 15 December, the Israeli cybersecurity firm Check Point Software Technologies attributed LOG4SHELL exploit attacks against seven targets in Israel to the hacking group APT 35, also known as CHARMING KITTEN. The target entities were not identified but Check Point’s blog post described them as “from the government and business sector“. The company noted the attacks were blocked, and that communication between a server used by APT 35 and the Israeli targets was observed.

Logging tools are used by programmers to keep records of software activity. (Photo: NCSC)

Related Posts

Publish date

12/23/2021

Sign up to our newsletter and stay up to date.

News

Air

C4ISR

Components / Systems

Cyber

Defence Business

Homeland Security

International Security

Land

Latin America (Spanish)

Logistics

Naval

Training & Simulation

Space

Special Forces

Unmanned

Publications

Contact Us

Contact Info

Mönch Verlagsgesellschaft mbH
Christine-Demmer-Straße 7
53474 Bad Neuenahr – Ahrweiler

+49 2641 3703 – 0

+49 2641 3703 - 199

Follow On

X