The media are reporting on a large-scale DDoS attack on the BELNET network on Tuesday, 4 May 2021.
BELNET provides broadband internet access to more than 200 government and public administrations, universities and colleges, research centres, hospitals and cultural institutions.
"All customers are affected in one way or another", explained BELNET spokesperson Davina Luyten. However, she added that the extent of the impact varies from customer to customer. It is not yet known which organisations suffered the most damage.
The DDoS attack on the Belnet network used a total of 257,000 IP addresses from 29 countries, according to an analysis by cybersecurity company Secutec. Proximus and Telenet networks were also overloaded, but the impact was less significant.
What is a DDoS attack?
"A Denial of Service (DoS) attack aims to make one or more services unavailable. A denial of service can consist of exploiting, for example, a software or hardware vulnerability. The service can also be interrupted by preventing access to the service, for example by saturating the network bandwidth: this is known as a volumetric attack. Furthermore, an attack may call upon one or more resources of a service until they are exhausted. For example, this may involve the opening of a large number of new TCP sessions in a very short time interval, or too many concurrent processes carried out by a database.
The term "Distributed Denial of Service" (DDoS) is used when the attack involves a network of (often compromised) machines to interrupt the targeted service(s).
From "Understanding and Anticipating DDoS Attacks" Agence nationale de la sécurité des systèmes d'information (France).
More information on DDoS attacks:
https://www.safeonweb.be/
https://www.ncsc.nl/onderwerpen/ddos (in Dutch)
Download the brochure "Understanding and anticipating DDoS attacks »: https://www.ssi.gouv.fr/uploads/2015/03/NP_Guide_DDoS.pdf
