Belgian Military Pwned Via Log4j Attack

It had to happen sooner or later, and it appears that the Belgian military has become a victim of the Log4j vulnerability:

The Belgian Ministry of Defense has confirmed a cyberattack on its networks that involved the Log4j vulnerability. In a statement, the Defense Ministry said it discovered an attack on its computer network with internet access on Thursday. They did not say if it was a ransomware attack but explained that “quarantine measures” were quickly put in place to “contain the infected elements.” “Priority was given to the operability of the network. Monitoring will continue. Throughout the weekend, our teams were mobilized to contain the problem, continue our operations and alert our partners,” the Defense Ministry said. “This attack follows the exploitation of the Log4j vulnerability, which was made public last week and for which IT specialists around the world are jumping into the breach. The Ministry of Defense will not provide any further information at this stage.” 

Chances are they aren’t going to be the last victim. Of course I say that as if there are not other victims out there. Because there are and we haven’t heard about it. This reinforces the fact that everybody everywhere needs to patch everything as quickly as possible as this is clearly being actively exploited.

Leave a Reply

%d bloggers like this: