A massive DDoS attack inundated organizations across Belgium with bad traffic. Impacted organizations included the Belgium government, parliament, universities, and research institutes. The large-scale distributed denial of service (DDoS) attack took down the websites of more than 200 organizations across Belgium. The attack started at 11 am on Tuesday 4 May and rendered their public-facing sites unreachable for visitors. The attack has also overwhelmed the internal IT systems of these organizations.
Such a wide area of impact is explained by the fact that attackers hit Belnet, the government-funded ISP provider. Belgium’s educational institutions, scientific institutes, research centers, and government services – including government ministries and the Belgian parliament – all rely on its services.
As a result of the attack, some debates and committee meetings have been postponed as users couldn’t access the virtual services required to run them.
The Center for Cybersecurity Belgium (CCB), Belgium’s central authority for cybersecurity, was involved to help to investigate, contain, and resolve the attack.
Another reason why the attack was disruptive is that its operators kept changing the techniques behind it.
“The fact that the perpetrators of the attack constantly changed tactics made it even more difficult to neutralize it,” said Dirk Haex, technical director at Belnet.
In an update posted on its website one day following the attack, Belnet said its services are back online but it is remaining on high alert for potential follow-up attacks.
“We are fully aware of the impact on the organizations connected to our network and their users and we are aware that this has profoundly disrupted their functioning,” said Haex.
The intent behind the attack on Belnet is purely disruption, the company believes since there’s been no data breach or theft during the attack, nor did cybercriminals penetrated the network.
Belnet could not determine who was behind the attack, but the network provider is still investigating it.