The attack overwhelmed the systems of a Belgian ISP, leading to widespread service outages and disruptions
Many government websites and services in Belgium were knocked offline on Tuesday after Belnet, the internet service provider (ISP) for the country’s public sector, was hit by a massive distributed denial-of-service (DDoS) attack.
According to Belnet, the attack started on Tuesday morning and affected all of the approximately 200 institutions and organizations that use the company’s services. Public offices, universities and research institutes were all left partially or entirely without internet access and their websites were all but inaccessible.
“There is no indication that cybercriminals have infiltrated any network. Everything indicates that the attack was aimed solely at saturating the Belnet network,” said the ISP.
Indeed, DDoS onslaughts – which involve overwhelming a target with traffic from a large number of devices corralled into botnet – are often unleashed as a way to extort money from the targets or as a cover for other attacks. In any of their flavors, DDoS attack cost organizations millions in lost revenue, not to speak of reputational damage. The attacks in Belgium may in a way be seen as a worrying testimony to the scale of the cyberthreat faced by governments worldwide.
Meanwhile, Euractiv reported that the effects of the attack were also felt by online reservation systems for COVID-19 vaccinations. The Wallonia-Brussels Federation parliament was also affected and had to adjourn its committee work.
“We are fully aware of the impact on the organizations connected to our network and their users and we are aware that this has profoundly disrupted their functioning. Belnet continually invests in cybersecurity. However, yesterday’s DDoS attack was of such a scale that our entire network was saturated. The fact that the perpetrators of the attack constantly changed tactics made it even more difficult to neutralize it “, Dirk Haex, technical director at Belnet, said on Wednesday.
Per the Belgian network provider’s status page, the DDoS attack took place in successive waves. Belnet and the Center for Cybersecurity Belgium were ultimately able to bring the attack under control and mitigate its impact. By Wednesday morning the situation was stabilized, but the team remains on high alert in case the storm isn’t entirely over yet.
“The situation remains stable. However, we remain vigilant to counter any new attempts. Remainder incidents are being treated in close collaboration with the impacted customers with the necessary priority,” reads the latest update on the situation. There is no word on who is behind the attack.