China-linked cyber attack on Belgium security watchdog under investigation

Belgium has revealed it’s actively investigating a Chinese government-linked cyber attack on its intelligence agency.

The nation’s State Security Service (VSSE) suffered a cyber incident affecting its email systems, according to the Belgium federal prosecutor’s office.

According to media reports, the investigation was first opened in November 2023, just as the agency discovered the cyber incident.

You’re out of free articles for this month

Username or Email

Password Forgot password?

Keep me signed in on this device.

First Name

Last Name

Mobile

Organisation Type

By becoming a member, I agree to receive information and promotional messages from Cyber Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

Need help signing up? Visit the Help Centre.

The investigation announcement confirms an earlier report published by French-speaking Belgian publication Le Soir, which said the incident saw an unidentified Chinese state-linked threat actor gain access from 2021 and 2023. During that time, the threat actors reportedly intercepted roughly 10 per cent of the VSSE’s external email traffic.

Government, public prosecutors and law enforcement communications were managed by the affected system.

However, Barracuda has told Cyber Daily that the vulnerability was not exploited in 2021 and that the exploitation took place in 2023.

“Exploitation of the vulnerability impacting less than five percent of Email Security Gateway appliances took place in 2023 – not 2021. Our investigation data confirms that the vulnerability was not exploited in 2021," Barracuda told Cyber Daily.

VIEW ALL

“Barracuda promptly remediated the issue, which was fixed as part of the BNSF-36456 patch and applied to all customer appliances."

Le Soir also said the breach was a result of hackers exploiting a vulnerability in software by Barracuda, the US cyber security organisation.

The software in question is the firm’s Email Security Gateway (ESG), a program that filters emails for malware and other dangerous content.

Barracuda first revealed the vulnerability in May 2023 and released a patch in June; however, it still advised that any ESG appliances compromised or affected by the vulnerability be replaced and any credentials be changed.

According to reports, the VSSE has since dropped its use of Barracuda products.

Other than being believed to have ties to the Chinese government, the threat group has not been identified. The VSSE also confirmed that classified internal communications were not compromised.

The Chinese embassy in Belgium has denied any involvement and said the VSSE lacked evidence to back its accusations.

Update 04/03/2025 - Added Barracuda comment.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

You need to be a member to post comments. Become a member for free today!

newsletter

Be the first to hear the latest developments in the cyber industry.

China-linked cyber attack on Belgium security watchdog under investigation

Daniel Croft

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

STAY CONNECTED