The Belgian federal public service Home Affairs has fallen victim to hackers, De Standaard reports. According to the Flemish newspaper, this is a clear case of state sponsored hacking, “in all likelihood by China”.
The intruders had access to the entire computer system. The hack was so complex that it is difficult to determine what exactly they got to see, but according to De Standaard it is certain that they had access to practically all communications and internal data from the Interior.
All police services and their databases are covered by the service, as are the organization of elections, crisis management, immigration affairs, and the issuing of identity cards. According to the newspaper, this is the most serious case of state sponsored hacking which Belgium has had to deal with so far.
The leak has now been closed and the infected computer systems have been cleaned up. The federal prosecutor’s office has announced that an investigation is underway. Other government services have taken extra measures to protect themselves.
Hafnium affair
The hack at the government service, which is comparable to a ministry, came to light through the Hafnium affair. In March, Microsoft announced that Chinese hackers had entered computers via a vulnerability in Exchange, a Microsoft email program. The software company calls the hacker group ‘Hafnium’.
Microsoft’s disclosure prompted organizations, businesses and governments, many of which work with Microsoft Exchange, to look for hacking attempts through the vulnerability. When it was checked at the Ministry of the Interior whether the service had fallen prey to such a hack via Exchange, the large-scale burglary was discovered. The first traces go back to the spring of 2019.
According to Microsoft, Hafnium is a well-trained group of hackers working from China. According to the software developer, they mainly target companies in the United States. They can penetrate deep into computer systems through the vulnerability in Exchange.
