Belgium is investigating alleged data breach by Chinese government hackers on its National Security Services Agency (VSSE).
The Belgian federal prosecutor’s office said in a statement sent to TechCrunch on Friday that the investigation into the cyber attack began to learn about the alleged violations in November 2023.
This confirms early reports from the French language Belgian newspaper Le Soirthe report said that a Chinese hacker group received access to external mail servers of intelligence services between 2021 and 2023.
The unnamed Chinese hacker team reportedly took advantage of the vulnerability in the software of the U.S. cybersecurity company Barracuda. The critical rating flaw that Barracuda first disclosed in May 2023 affects the company’s email security gateway (ESG) device, a firewall used to filter inbound and outbound emails for potentially malicious content.
Barracuda spokesman Lesley Sullivan told TechCrunch: “The question about any violation of VSSE is more suitable for VSSE.” VSSE did not answer TechCrunch’s questions.
Security researchers at Mandiant, a US cybersecurity company Said before The vulnerability could enable hackers to penetrate sensitive company data and be exploited as Zero Day China-backed network growth group targets the global target organization. According to Mandiant, almost one-third of the target organizations are government agencies.
Although a patch was released for the vulnerability, Barracuda was in June 2023 Urge all affected customers to replace ESG devices affected by the vulnerability. It also recommends that customers rotate any credentials connected to the appliance and check for signs of tradeoffs dating back at least October 2022.
According to Le Soir, Chinese-backed hackers have exploited the flaws of Barracuda to deprive Belgian intelligence agencies of 10% of the upcoming emails. It noted that although it did not affect confidential information, it accessed nearly half of the personal data of VSSE employees, including identity documents, resumes and internal communications.
VSSE reportedly stopped using pike products after a cyberattack, which was reportedly Local media July 2023.
Zack Whittaker contributed the report.
