Belgian public-sector network suffers cyberattack, affecting parliament

The attack disrupted a planned meeting of Belgian's Foreign Affairs, which had been due to discuss the human rights situation in Xinjiang

Belgium suffered a large-scale DDoS attack on Tuesday, impacting the activities of many of its key institutions including Parliament, ministries, educational establishments and public administration offices.

Threat actors targeted Belgium ' s national public sector network Belnet (Belgian National research and education network) in the attack: a local ISP providing internet connectivity and web services to hundreds of government organisations.

The attack led to widespread disruptions for around 200 customers, knocking both internal systems and public-facing websites offline. Affected systems included the government ' s official tax-filing portal, COVID-19 vaccine reservation portal, and university IT systems.

Belgium's parliament was forced to cancel several planned meetings after it became clear that it would not be possible to stream them for remote participants.

"Due to the health situation, some of the parliamentarians intervene remotely via the Cisco Webex system, but the internet connection problem generated by the cyberattack does not guarantee the continuation of the debates," the parliament said in a statement.

"Meeting canceled. A cyber attack in progress," lawmaker Samuel Cogolati wrote on Twitter.

People who attempted to visit websites on the Belnet network were met with error messages.

Belnet's said on its status page that its network was overwhelmed, and it was working to restore connectivity. The company announced that that its IT teams had implemented several mitigation rules at around 19:30 Central European Time, addressing the attack's impact.

Belnet released an update on Wednesday, announcing that its network was available again and its teams 'remain vigilant.'

"We are fully aware of the impact this attack has caused on the organisations connected to our network and their users and realise that it has profoundly disrupted their operations," said Dirk Haex, Belnet's technical director.

"Belnet permanently invests in cyber security. However, yesterday's DDoS attack was of such magnitude that our entire network has become saturated. The fact that the attackers are constantly changing tactics made it even more difficult to mitigate the attack."

While Belgian authorities did not attribute the DDoS attack to any specific threat actor, some political experts observed that the it began at around the same time the Foreign Affairs Committee was scheduled to hold a meeting on the human rights situation in China's Xinjiang Uyghur Autonomous Region. In particular, the Committee was supposed to hear a testimony from an Uyghur woman who had reportedly escaped from a forced labour camp in China.

Belnet said it was too early to speculate on the origin of the attack, although it did say that the attack was one of the largest it had experienced.

Green MP Wouter De Vriendt suggested that China could be behind the compromised network.

"Conclusions about the cyber attack are premature. But it is important to identify this sensitive context," De Vriendt said.

"Denying that is naïve."