Log4j Attack On Belgian Government CONFIRMED By Country's Defense Ministry

A Log4j attack on the Belgian government has been confirmed by the country's Ministry of Defense.

According to ZDNet, the breach targeted one of the country's computer networks connected to the internet. While they didn't confirm what kind of attack it was, they did say that they quickly put so-called "quarantine measures" to contain the breach so as to not let it spread.

As of this writing, the Belgian government is prioritizing making the network operable. They're also monitoring the attack, deploying containment teams, and alerting their (cybersecurity) partners.

Belgian Defense Minister Ludivine Dedonder confirmed that the ministry is "working hard" to secure its networks, further adding that the Belgian government will invest a considerable amount into their cybersecurity infrastructure, writes Politico.

After this attack, Katrien Eggers, who serves as the spokesperson for the Centre for Cybersecurity Belgium has said that they've warned numerous Belgian companies who might be using the Log4j tool to be aware of the potential dangers.

This direct attack on a government body is not the first time that the Log4j vulnerability was exploited to hack into the "big leagues''.

After its initial discovery earlier this month, hackers (which are allegedly state-backed by countries such as China), the vulnerability has been used to target big-name companies. Among the ones affected include Microsoft, who owns the game where it was first discovered: the massively popular "Minecraft" (its servers, specifically).

Hackers were allegedly using the game's chat boxes to type a single, malicious line of code to breach users' systems. Since then, Microsoft has patched the issue, and urged "Minecraft" players to update their game immediately.

Read Also: Log4J Attacks Top 840,000 Within Three Days; 100 A MINUTE During The Past Weekend

How The World Has Handled The Crisis

Numerous patches have been released by Apache, the creator of the Log4j tool, to combat the exploit and fix it. As of this writing, the company has discovered a third security flaw and released a new patch.

This security flaw is rated a 7.5 out of 10, which basically means it is of high severity or even "critical". Apache found the flaw on the tools 2.0-alpha1 to as latest as the 2.16.0 version.

Other companies have also been trying to deal with the issue themselves. According to CNN, IBM, Cloudflare, AWS, and Oracle have now issued official advisories to their customers about the dangers of the Log4j vulnerability. Aside from this, they are also pushing security updates that specifically target the flaw.

Just How Bad Can A Log4j Attack Be?

Things can get pretty technical when talking about this flaw, but there's one thing you should know: cybersecurity experts are considering it one of the most serious ones in history, according to The New York Post.

Jen Easterly, who serves as the Director of the Cybersecurity and Infrastructure Security Agency, even goes as far as calling the exploit the "most serious vulnerability that I have seen in my decades-long career." Here's an interview she did with CNBC:

“The Log4j vulnerability is the most serious vulnerability that I have seen in my decades-long career,” CISA Director Jen Easterly tells @EamonJavers in an exclusive interview. “Everyone should assume that they are exposed and vulnerable.” pic.twitter.com/AJfaTuZ8FE

— CNBC (@CNBC) December 16, 2021

 

For now, ordinary users can't do much on the software side to protect themselves-aside from making sure their devices are updated on the security end.

Related Article: NASA Denies Using Log4j On Ingenuity Helicopter; Confirms That It Has Not Been Hacked

This article is owned by Tech Times

Written by RJ Pierce