Cyber Incident Victim: Rossel
Date:
Apr 2015
Location:
Belgium
Summary
A Belgian media company experienced a distributed denial of service (DDoS) attack lasting several hours, disrupting operations for multiple websites including one of the country's largest French-language newspapers. The incident temporarily forced affected sites offline, with no identified perpetrators or confirmed links to recent cyberattacks against other media entities in the region. The organization's director noted that while facing regular cyber threats, this attack circumvented normal firewall protections.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On April 14, 2015, Belgian media group Rossel experienced a distributed denial of service (DDoS) attack that disrupted operations for several hours during the preceding Sunday. The attack impacted multiple websites under Rossel’s umbrella, including La Soir, one of Belgium’s largest French-language newspapers. Services were temporarily shut down as a result of the incident. The timing coincided with heightened cybersecurity concerns across Europe, following a cyberattack by pro-ISIS sympathizers against French television network TV5 Monde and a separate takeover of a Belgian regional government website by Tunisian extremists. No immediate claim of responsibility or attribution was publicly identified for the Rossel attack.
Didier Hamann, director of Le Soir, confirmed via Twitter that the perpetrator remained unidentified at the time of reporting. He clarified that no evidence linked the incident to the earlier TV5 Monde attack, which had involved defacement and operational disruption. Hamann noted that Rossel’s infrastructure faced regular cyber threats but emphasized the atypical nature of this incident, stating the firewall had not functioned as expected during the DDoS assault. The attack’s primary operational consequence was the temporary unavailability of affected websites, though no data breach or permanent system damage was reported. Restoration efforts focused on mitigating the DDoS traffic and restoring normal service access for users.