Enlarge image
The ministry did not provide any information about the perpetrators of the attack
Photo:
Bernd Feil / MiS / IMAGO
The Belgian military has been the target of a cyber attack via the IT vulnerability Log4j.
A spokesman for the Ministry of Defense in Brussels confirmed media reports to the AFP news agency on Tuesday.
The Internet-connected systems of the ministry and the army were contaminated on December 16 and in some cases continue to be paralyzed.
"The analyzes and restores continue," said the spokesman Olivier Séverin.
He did not provide any information about the possible originator of the attack.
The vulnerability was discovered almost two weeks ago.
It is a vulnerability in the logging library »Log4j« of the Java programming language.
A Java library is a software module that is used to implement a specific functionality in other products.
Under certain circumstances, the security gap can be exploited to take control of the corresponding computer and other devices in the network.
(Read more here.)
Immediate "quarantine measures"
When the attack was discovered by the Belgian Ministry of Defense, "quarantine measures" were taken quickly to "contain the infected elements," Séverin told the Belga news agency on Monday.
"The priority is on the operational capability of the network" of the Belgian military.
In Germany, too, the Federal Office for Information Security (BSI) warns of attacks via the vulnerability.
It can be easily exploited and is located in an "unmanageably large number of programs".
The BSI has declared a red alert.
The authority advised companies and organizations in particular to install updates as soon as they are available for individual products.
ngo / afp