Chinese Hackers Breach Belgium State Security Service as Investigation Continues


Belgium’s State Security Service (VSSE) has suffered what is being described as its most severe security breach to date.

For nearly two years, a group of Chinese hackers exploited a vulnerability in Barracuda’s Email Security Gateway Appliance, a cybersecurity tool used by the VSSE, to access approximately 10% of the agency’s email traffic.

The breach, which also impacted the Belgian Pipeline Organisation (BPO), was first revealed in 2023 by Knack and Datanews, but its full extent has only now come to light.

Although classified information appears to have been spared, the hackers potentially compromised personal data belonging to nearly half of the VSSE’s personnel.

The internal investigation has so far failed to determine precisely what data was stolen.

This incident highlights significant vulnerabilities in the digital infrastructure of critical Belgian institutions and underscores the growing sophistication of state-sponsored cyberattacks.

Implications for Belgian Intelligence and Security

The breach has raised serious concerns about the security protocols of the VSSE and its reliance on third-party cybersecurity solutions.

Barracuda, an American company specializing in email protection software, disclosed in 2023 that its Email Security Gateway Appliance had been exploited by hackers.

The tool, designed to act as a firewall for email communications, became a gateway for espionage instead.

The attackers siphoned sensitive information undetected for an extended period, targeting both incoming and outgoing communications.

While no classified intelligence is believed to have been accessed, the exposure of personal data could have far-reaching consequences.

Compromised information may include details about VSSE employees, which could be leveraged for further espionage or coercion.

This incident also casts doubt on the security of other organizations using similar technology.

Chinese Embassy Denies Allegations

According to the report, in response to the revelations, the Chinese Embassy in Belgium dismissed the allegations as “false information.”

This denial is consistent with Beijing’s broader stance on accusations of state-sponsored cyberespionage.

However, cybersecurity experts warn that such incidents are part of a broader trend of cyberattacks targeting Western institutions by advanced persistent threat (APT) groups linked to China.

The breach has prompted calls for enhanced cybersecurity measures across Belgian government agencies and critical infrastructure organizations.

Experts emphasize the need for stricter oversight of third-party software providers and improved detection mechanisms to prevent similar incidents in the future.

As investigations continue, this breach serves as a stark reminder of the vulnerabilities inherent in modern digital systems and the persistent threat posed by state-sponsored cyberattacks.
