The Minister for Foreign Affairs of Belgium says multiple Chinese state-backed threat groups targeted the country’s defense and interior ministries.
“Belgium exposes malicious cyber activities that significantly affected our sovereignty, democracy, security and society at large by targeting the FPS Interior and the Belgian Defence,” the foreign minister said.
“Belgium assesses these malicious cyber activities to have been undertaken by Chinese Advanced Persistent Threats (APT).”
Chinese authorities were urged to adhere to responsible state behavior norms as endorsed by all United Nations member states and to take action against such malicious activity originating from its territory.
The cyberespionage groups named in the Belgian Government statement are APT27, APT30, APT31, and a fourth threat group tracked under multiple names, including Gallium, Softcell, and UNSC 2814.
“We have detected malicious cyber activities that targeted the FPS Interior. These activities can be linked to the hacker groups known as Advanced Persistent Threat 27, Advanced Persistent Threat 30, Advanced Persistent Threat 31,” the minister added Monday.
“We have detected malicious cyber activities that targeted the Belgian Defence. These activities can be linked to the hacker groups known as UNSC 2814/GALLIUM/SOFTCELL.”
Chinese Embassy in Belgium denies accusations
The spokesperson of the Chinese Embassy in Belgium replied to this statement, denying the accusations and pointing to a lack of evidence that would sustain the Belgian government’s claims.
“It is extremely unserious and irresponsible of the Belgian side to issue a statement about the so-called ‘malicious cyberattacks’ by Chinese hackers without any evidence,” the spokesperson said.
“On the one hand, the Belgian side refuses to provide the factual basis and, on the other hand, it makes groundless accusations and deliberately denigrates and smears China.”
However, this is not the first time Chinese-backed threat groups have been blamed for conducting attacks against Western countries.
For instance, the NSA, CISA, and the FBI said in a joint cybersecurity advisory published in June that Chinese state hackers compromised telecommunications companies and network service providers to steal credentials and harvest data.
US and allies (the European Union and the United Kingdom) officially blamed China in June 2021 for last year’s massive Microsoft Exchange hacking spree.
Several Chinese-backed hacking groups, including APT27, were also linked to attacks targeting critical ProxyLogon bugs starting in early March 2021, allowing them to take over and steal data from unpatched Microsoft Exchange servers worldwide.