Cyber Incident Victim: Université de Liège
Date: May 2022
Location: Belgium
Summary
The Université de Liège and its affiliated hospital successfully defended against a sustained cyberattack lasting 27 hours, which overwhelmed servers with connection requests peaking at 70,000 per second. External services, including student access to online courses and email systems, were disrupted, while internal medical systems remained operational. The internet provider mitigated the attack within hours, though full restoration took over a day. Officials confirmed the attack aimed to paralyze applications but did not compromise patient or institutional data.
Description
On May 23, 2022, the Université de Liège (ULiège) and the Centre Hospitalier Universitaire de Liège (CHU) experienced a sustained cyberattack lasting 27 hours. The incident began shortly before 1:00 PM local time when connection attempts to their servers abruptly surged to ten times normal levels, peaking at 70,000 requests per second. This volumetric attack saturated external network connections and internet-facing systems, disrupting access to online educational platforms for students and impairing email services. Internal medical systems used by CHU physicians to access patient records remained operational throughout the incident, as the attack primarily targeted externally accessible infrastructure. The scale of the attack represented an unprecedented operational challenge for both institutions, with sustained high-volume traffic overwhelming network capacity.

Belnet, the internet service provider for the ULiège-CHU network, implemented countermeasures approximately three hours after the attack commenced, successfully blocking malicious traffic. Full service restoration required additional mitigation efforts, with systems returning to normal functionality by mid-afternoon on May 24. Institutional analysis confirmed the attack aimed to completely paralyze both internal and external applications rather than compromise or exfiltrate data. No patient records, academic materials, or personal information were corrupted or accessed during the incident. The disruption primarily impacted academic activities through denied access to online learning resources, while hospital operations maintained critical clinical functionality through preserved internal systems.
