Hackers have stolen files on Ukraine crisis from Belgian Foreign Ministry

Unknown hackers have stolen files on the Ukraine crisis from the Belgian Foreign Ministry, causing the crackdown of targeted servers.

A new cyber espionage campaign hit the Belgian foreign ministry, unknown hackers have stolen data related to the Ukraine crisis last week. The cyber attack has caused the crackdown of targeted servers which has left diplomats without Internet, also email services were impacted by the attacks.

The attackers used a malicious code to infiltrate Belgian foreign ministry networks and steal documents related to the situation in Ukraine, it’s my personal opinion that we are faced with a new state-sponsored attack, hackers in fact were specifically interested to the crisis in East Europe and targeted the Belgium entity because its access to sensitive information managed by countries in the European Union.

Let’s consider also that the Belgian capital of Brussels hosts the headquarter of the European Union, it is the primary seat, the major institutions of the European Council are based wholly or in part in the Belgian city.

“It was malware which copied documents specifically related to the Ukraine crisis,” “We saw that data was stolen about the crisis in Ukraine but we do not yet know who stole it,” reported a spokesman for the Belgian foreign ministry.

The spokesman avoided to provide further details on the stolen documents and their level of confidence, he also confirmed that the network has been completely shut down all the services were interrupted. According official news the cyber attack hasn’t impacted the ministry’s internal networks, the Communication with Belgium’s embassies were no interrupted after the offensive.

This isn’t the first incident occurred in Belgium, in September Belgacom, the largest telecommunications company in Belgium and primarily state owned, announced that its IT  infrastructure has suffered a cyber attack malware based. The attackers hacked company IT systems and infected with an unknown malware. A few dozen machines on the company’s network were compromised, including some servers. The concerning news is that the intrusion had been active for as long as two months by the time the Belgian company discovered it.

“Experts discovered a virus in the offices of Prime Minister Elio Di Rupo, which they said was communicating with a server in Hong Kong. Last May, hackers sent emails from Di Rupo’s personal account to a Belgian newspaper.” reported Reuters.

Currently investigations on the cyber attack  are ongoing.

Pierluigi Paganini

(Security Affairs –  Belgian foreign ministry, cyber espionage)