Belgium has suffered, over the past two years, a very large-scale computer hacking, to the point that it has, for the first time, been classified in the “national crisis” category. This is equivalent to a warning signal sent to all branches of the public service to strengthen their protective measures.
Attributed to “a foreign state” – China, “At 99.9%” according to an expert quoted Wednesday, May 26 by the daily From Morgen -, the cyberattack targeted the Federal Ministry of the Interior, whose almost entire system would have been violated, except however its most sensitive elements from the security plan, say official sources, including the federal prosecutor’s office, in charge of terrorism and serious crime.
It was in March that the authorities discovered this intrusion, which began in the spring of 2019 and is, in fact, a very large-scale espionage exercise. The internal intelligence services, military intelligence and the National Crisis Center are responsible for the investigation. The complexity of the operation and the scale of the means used almost certainly refer to the action of a foreign power that the Ministry of the Interior refuses, however, to designate.
Defect identified in 2020
Inti de Ceukelaire, a cybersecurity specialist who defines himself as an “ethical hacker” and had made himself famous by manipulating Donald Trump’s Twitter account in 2018, designates Beijing as the organizer of a hack that used a vulnerability in the Microsoft Exchange system. This allows in particular the exchange of emails within an organization.
This defect, unknown until then, was identified and corrected in 2020. On this occasion, it is a group of Chinese hackers called Hafnium – named after a chemical element – which was designated as the only one capable of having identified this defect. It would be directly linked to the Chinese state.
Hafnium has also been singled out during attacks in the United States that targeted research institutes working in particular on infectious diseases, universities, NGOs, players in the defense sector, etc. For Belgian specialists, it is this group that was therefore at work in 2019 when the Ministry of the Interior was targeted. This oversees all the security services, has all the citizens’ identity data grouped together in a “national register” as well as information on foreign residents, organizes elections, etc.
This is the second time in a few weeks that Belgium has uncovered a cyberattack. Tuesday, May 4, Belnet, a public service that provides Internet access to Parliament, universities, research organizations, hospitals, etc., was paralyzed.
The intelligence services refused, this time too, to designate the possible person responsible for the cyberattack, but all eyes were on China. All the more so as Parliament was debating, that day, the situation of the Uighur minority in Xinjiang with a view to the possible vote of a text condemning the attitude of the Chinese government by qualifying it as “genocide”.