Cyber Incident Victim: Liège
Date:
Oct 2024
Location:
Belgium
Summary
A pro-Russian hacker group conducted distributed denial-of-service (DDoS) attacks against multiple Belgian municipalities and port authorities, causing temporary website outages. The attackers, identified as NoName057, claimed responsibility via Telegram, citing retaliation for Belgium's planned military support to Ukraine and labeling the country as "Russophobic." The collective also threatened to disrupt upcoming local elections, indicating intent to target electoral infrastructure. Cybersecurity authorities assessed the attacks as non-dangerous but disruptive, involving server overload through excessive traffic requests. This incident followed a similar attack on provincial websites the previous day, part of an escalating pattern of cyber operations linked to geopolitical tensions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On October 7, 2024, the pro-Russian hacker collective NoName057 conducted distributed denial-of-service (DDoS) attacks against multiple Belgian municipal and port authority websites. This followed an initial attack on October 6 targeting provincial government websites. The group publicly claimed responsibility through their Telegram channel at 8:44 AM on October 7, listing specific targets including the municipalities of Sint-Genesius-Rode and Linkebeek, along with the Port of Antwerp and Port of Zeebrugge. Attack methodology involved flooding servers with excessive traffic requests to overload systems and disrupt public access. The Centre for Cybersecurity Belgium (CCB) characterized the attacks as non-dangerous due to their superficial DDoS nature, though they caused temporary service outages. NoName057 explicitly linked both attacks to Belgium's military support for Ukraine, referencing an upcoming government proposal to transfer Caesar artillery units to Ukrainian forces.
The operational impact involved temporary unavailability of targeted websites during attack periods, though no data breaches or system compromises were reported. The CCB monitored both incidents but did not detail specific mitigation measures beyond technical characterization of the DDoS methodology. NoName057 amplified psychological impact by threatening further disruptions targeting Belgium's local elections scheduled for October 13, 2024, explicitly referencing municipal council votes in their Telegram post. The collective framed their actions as retaliation against what they termed "Russophobic Belgium," directly citing geopolitical motivations tied to Western military aid to Ukraine. No infrastructure damage, financial losses, or secondary consequences beyond service interruptions were documented in available reporting.