📢 What happened?
An allegedly Chinese-sponsored hacker group carried out a sustained cyberattack (2021-2023) on the Belgian State Security Service (VSSE), stealing sensitive information.
The hackers exploited a vulnerability in Microsoft Exchange servers (CVE-2021-26855) and inserted a backdoor called GhostEcho, attributed to the APT31 group.
The attackers collected a vast amount of information, including diplomatic correspondence, undercover agent identities, and counter-terrorism reports.
The attackers managed to hide their activities for years using advanced techniques such as targeted phishing and cloud infrastructure in Hong Kong for data transfer
💬 International reactions:
The Belgian Minister of Justice called the hack a “declaration of digital war” and announced the opening of an in-depth investigation. The Belgian Prime Minister summoned the Chinese ambassador for clarification, and the European Union held urgent discussions to strengthen the cybersecurity of its institutions. At the same time, NATO and Europol began assessing the risks of the exposed information, fearing that it could harm counter-terrorism operations. The Chinese government denied involvement, claiming the accusations were “baseless and an attempt to inflame international tensions.”
⚠ Potential implications:
The stolen information could expose intelligence networks and jeopardize cooperation between Western agencies. The breach raises serious concerns about the level of security of European government institutions and their ability to defend against sophisticated cyberattacks.
Inter-state espionage is nothing new, but it is an unprecedented event whose consequences we will see in time.
Stay vigilant, and do not hesitate to report any suspicious activity.