
In recent times, we’ve seen a surge of news stories detailing cyberattacks on various companies, ranging from DDoS attacks to data breaches. However, a new report sheds light on a significant breach involving a Chinese hacking group infiltrating the network of Belgium’s Intelligence and Security Agency (VSSE). The attackers exploited a vulnerability in the firewalls and email security software provided by Barracuda Networks.
The State Security Service (VSSE) provided some insight into the incident in a statement to Le Soir, where a spokesperson confirmed that a Chinese hacking group (whose name remains undisclosed) had gained unauthorized access to the VSSE’s external email servers between 2021 and 2023. The breach was discovered in November 2023, prompting an investigation, which revealed that the hackers exploited a flaw in Barracuda Networks’ software to steal data.
Following a thorough investigation, the VSSE identified that the fault lay with the security system. As a result, in February 2024, the agency severed ties with Barracuda Networks and enlisted a new security software provider to address its security needs moving forward.
In response to the news, Lesley Sullivan, a spokesperson for Barracuda Networks, clarified that the company was not responsible for the breach. Sullivan emphasized that it was the VSSE’s responsibility to secure its assets, and Barracuda’s role was limited to providing the necessary tools for the agency to safeguard its network.
From Barracuda’s perspective, the company had taken action to resolve the critical flaw in its Email Security Gateway (ESG) software in May 2023, well before the breach was discovered. The flaw had likely been overlooked by the agency’s administrators. The ESG software is designed to monitor the flow of inbound and outbound emails while filtering out malicious content.
Cybersecurity insiders report that the breach, attributed to China-backed threat actors, resulted in unauthorized access to over 10% of the VSSE’s email traffic. While no classified information was compromised, much of the stolen data was related to internal communications between employees.