Belgium is investigating an alleged knowledge breach of its state safety service (VSSE) by Chinese authorities hackers.
In an announcement despatched to TechCrunch on Friday, the Belgian federal prosecutor’s workplace stated an investigation right into a cyberattack was opened in November 2023 after it realized in regards to the alleged breach.
This confirms an earlier report by the French-language Belgian newspaper Le Soir, which reported {that a} Chinese hacking group gained entry to the exterior mail server of the intelligence service between 2021 and 2023.
The unnamed Chinese hacking group reportedly exploited a vulnerability in U.S. cybersecurity agency Barracuda’s software program. The critical-rated flaw, which Barracuda first disclosed in May 2023, impacts the agency’s Email Security Gateway (ESG) equipment, a firewall for filtering inbound and outbound emails for probably malicious content material.
Barracuda spokesperson Lesley Sullivan instructed TechCrunch that “questions concerning any breaches at VSSE are extra appropriately directed to VSSE.” VSSE didn’t reply to TechCrunch’s questions.
Security researchers at U.S. cybersecurity agency Mandiant beforehand stated the vulnerability, which might enable hackers to exfiltrate delicate company knowledge, had been exploited as a zero-day by a China-backed cyberespionage group to focus on organizations world wide. Almost a 3rd of the goal organizations have been authorities businesses, in keeping with Mandiant.
Though a patch was launched for the vulnerability, Barracuda in June 2023 urged all affected clients to switch ESG home equipment impacted by the vulnerability. It additionally suggested clients to rotate any credentials linked to the home equipment and to test for indicators of compromise relationship again to at the very least October 2022.
According to Le Soir, China-backed hackers exploited the Barracuda flaw to exfiltrate 10% of the Belgian intelligence service’s incoming and outgoing emails. It notes that whereas categorised data was not affected, the private knowledge of virtually half of VSSE’s staff was accessed, together with identification paperwork, resumes, and inside communications.
VSSE reportedly discontinued its use of Barracuda’s merchandise following the cyberattack, which was first reported by native media in July 2023.
Zack Whittaker contributed reporting.
