Belgium is investigating an alleged data breach of its state security service (vsse) by chinese government hackers.
In a statement sent to techcrunch on Friday, the belgian federal prosecutor’s office said an investment into a cyber a cyber a cyberattack was opened in nopeber 2023 after 2023 tell the alleged breath.
This Confirms An Earlier Report by the French-Language Belgian Newspaper Le soirWhich reported that a chinese hacking group Gained Access to the External Mail Server of the Intelligence Service Between 2021 and 2023.
The Unnamed Chinese Hacking Group Reportedly Explited A Vulnerability in Us Cybersecurity Firm Barracuda’s Software. The critical-rated flw, which barracuda first disclosed in May 2023, impacts the firm’s email security gateway (ESG) Appliance, A Firel for Filtering Inbound and Ooutbound Emails for Potentially malicious content.
Barracuda spokesperson lesley sullivan told techcrunch that “Questions Regarding any breaches at vsse are more appropriately directly directly directed to vsse.” Vsse did not respond to techcrunch’s questions.
Security Researchers at Us Cybersecurity Firm Mandiant Previously said The vulnerability, which could allow hackers to exfiltrate sensitive corporate data, Had ben exploited as a zero-day By a China-Backed Cyberespionage Group to Target Organizations Around the World. Almost a third of the target organizations were government agencies, according to Mandiant.
Thought a patch was released for the vulnerability, barracuda in June 2023 Urged all affected customers to replace eSG appliances impacted by the vulnerabilityIt also advised customers to rotate any credentials connected to the appliances and to check for signs of Compromise Dating Back to at Least October 2022.
According to Le Soir, China-Backed Hackers Exploated The Barracuda Flaw to Exfiltrate 10% of the Belgian Intelligence Service’s Intelligence Service’s Intelligence’s INCOMING and Outgoing Emails. It notes that while classified information was not affected, the personal data of almost half of vsse’s Employees was accessed, include Identity Documents, and Internal Communications.
Vsse reportedly discontinued its use of barracuda’s products following the cyberattack, which was first reported by local media in July 2023.
Zack Whittaker Contributed Reporting.