Hundreds of Belgian organisations hit by cyber attack

Around 270 organisations in Belgium, including law firms, local councils and schools, were affected by a cyber attack in February after their firewalls were compromised.

According to Belgian cybersecurity company Secutec, more than 100 of these organisations can still be accessed online using stolen administrator accounts.

The attack is linked to a Russian hacking group and targeted systems connected to US cybersecurity firm Fortinet. Secutec described it as one of the biggest security incidents ever involving a cybersecurity supplier.

Worldwide, more than 75,000 firewalls were compromised, and over 110 million login details were stolen in a campaign that began earlier this year and is still ongoing.

Hackers gained access through Fortinet’s partner portal, which allows IT providers to manage customer networks. This enabled attackers to break into multiple organisations through a single point of access.

Secutec said poor security practices worsened the problem. None of the affected firewalls used multi-factor authentication, many IT providers reused passwords, and 85% of systems were running outdated software.

At least 150 affected firewalls in Belgium remain directly accessible from the internet, while 110 can still be accessed using administrator credentials. Secutec has informed Belgium’s Cybersecurity Centre about the issue.

^{© Andrew CABALLERO-REYNOLDS / AFP}