Cyber Incident Victim: De Standaard
Date:
Oct 2016
Location:
Belgium
Summary
The Syrian Cyber Army conducted DDoS attacks against multiple Belgian media outlets, including De Standaard, causing significant downtime and slow performance across targeted websites. The group claimed responsibility for the disruptions, citing the media's failure to report Belgian military involvement in airstrikes near Aleppo that allegedly caused civilian casualties. Accusations emerged linking the attackers to Russian financing and the use of Turkish infrastructure to execute the attacks, while Belgian authorities investigated potential connections between the SCA and the Syrian Electronic Army.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On October 24, 2016, the Syrian Cyber Army (SCA) executed distributed denial-of-service (DDoS) attacks against multiple Belgian media organizations, including De Standaard, Het Nieuwsblad, Gazet van Antwerpen, Het Belang van Limburg, and RTFB. The group publicly claimed responsibility through a message posted on its homepage, distinguishing itself from the similarly named Syrian Electronic Army. De Standaard and Het Nieuwsblad confirmed their websites were impacted by the attacks, which caused significant service disruptions. Most targeted websites experienced prolonged downtime, while others suffered severe performance degradation, rendering them extremely slow or intermittently inaccessible to users. The SCA justified its actions by alleging Belgian media had deliberately omitted reports that two Belgian F-16 military jets participated in coalition airstrikes on Hassadjek, near Aleppo, on October 18. Russia’s military had documented these strikes, asserting they destroyed two residential structures, killed six civilians, and injured four others at approximately 03:00 AM local time.
Belgian authorities initiated an investigation into the attacks following confirmation from affected organizations. Het Nieuwsblad published accusations that Russia financed the SCA’s operations and identified Turkey-based servers as the infrastructure used to execute the DDoS campaigns. Law enforcement agencies assessed potential connections between the SCA and the more established Syrian Electronic Army, citing operational similarities and possible member affiliations. No technical details regarding attack vectors, traffic volumes, or mitigation measures implemented by victims were disclosed publicly. The incident highlighted geopolitical tensions surrounding international military interventions in Syria, with cyber operations targeting media entities perceived as suppressing or misrepresenting conflict-related information. Service restoration timelines for impacted websites remained unspecified in available reports.