On Tuesday, May 4, Belgium faced a widespread internet outage when the country’s leading internet service provider (ISP), Belnet, was reportedly bombarded by multiple waves of DDoS attacks.
DDoS Attack on Belnet
According to Belnet’s security update, the first wave of attacks hit the ISP company around 11 a.m. The security teams immediately sprang into action “to mitigate the attack and to build alternate paths for the traffic” to normalize the situation. Additionally, they contacted the Center for Cybersecurity Belgium (CCB) for teaming up with their resources to quickly contain the attack. However, its ripple effects were soon felt elsewhere as nearly 200 organizations, including universities, public administrations, and research institutes reported: “complete or partial cut off from the Internet.”
The Known Casualties
One such incident was reported in the parliament of the Wallonia-Brussels Federation. It was forced to suspend its committee meeting on “the situation of Uyghurs in China,” as the parliamentarians working remotely via the Cisco Webex were unable to continue their debate because of the internet outage. Similarly, the online reservation systems for COVID-19 vaccinations in Belgium also went down, temporarily halting the vaccination program for a while.
Around 4:30 p.m, Belnet gave another update saying, “The attack is still in progress and takes place in successive waves.” But exactly two hours later, Belnet’s security team was finally able to contain it and saw the effect of the attack “diminishing.”
Dirk Haex, Technical Director at Belnet, said,
We are fully aware of the impact on the organizations connected to our network and their users and we are aware that this has profoundly disrupted their functioning. Belnet continually invests in cybersecurity. However, yesterday’s DDoS attack was of such a scale that our entire network was saturated. The fact that the perpetrators of the attack constantly changed tactics made it even more difficult to neutralize it.
Belnet stated that the attack did not seem like a data breach or theft of data attempt. No networks were infiltrated during the attack and the attack was probably initiated with the sole intent of “saturating” Belnet’s network.
The investigation is still ongoing and the culprit behind the targeted DDoS attack on Belnet is yet to be identified. However, MP Wouter De Vriendt suggested that China may well be behind the attack.