Menu
Browse

Védelmi Beszerzési Ügynökség

Aliases: 2 aliases
Primary URL Location Industry
vbu[.]hu
Country Hungary
Government - National Icon
Government - National
Profile

Védelmi Beszerzési Ügynökséget (VBÜ) is a Hungarian state agency whose mandate is limited to the procurement of goods and services for the military and law‑enforcement sectors. The organisation’s primary responsibility is to source the equipment, materiel, and support services required by military and law‑enforcement entities. In fulfilling this role, VBÜ oversees the entire procurement cycle, beginning with the identification of requirements and extending through market research, tender preparation, and bid evaluation. After evaluating offers, the agency awards contracts and monitors their execution to ensure that delivered items meet specified technical and quality standards. Throughout the process, VBÜ enforces compliance with national procurement legislation and defence‑specific regulatory frameworks. The agency also maintains comprehensive internal records, including financial accounts, correspondence, and procedural documentation that support audit and oversight functions. Among the documents it produces are notices that can alter or suspend planned procurement activities, reflecting its authority to adjust acquisition schedules. As a public‑sector body, VBÜ operates under state authority and adheres to the directives of the Hungarian government.

VBÜ’s distinguishing attribute is its exclusive focus on defence and law‑enforcement procurement. This specialisation gives the agency a regulatory role in overseeing procurement compliance. Notable competencies attributed to VBÜ include the ability to manage complex, high‑value contracts and to handle sensitive information related to procurement planning and execution. The agency’s operational profile was highlighted in November 2024 when it became the target of a ransomware attack conducted by the Inc. Ransomware group. During the incident, the attackers encrypted files on VBÜ’s internal systems and demanded a ransom of five million United States dollars in exchange for the decryption key and a promise not to publish the stolen data. In addition to encryption, the threat actors exfiltrated a variety of confidential material, comprising financial reports, internal email exchanges, detailed procurement lists, organisational charts, and a document that outlined a temporary suspension of future procurement procedures. Although Hungarian officials publicly asserted that no classified military structural data had been compromised, they acknowledged the breach and confirmed that a criminal investigation had been launched. Despite the leak referencing a procurement pause, government representatives emphasised that regular defence acquisition activities continued, underscoring the agency’s ongoing operational mandate even amid the cyber‑security incident.

Incidents
Linked incidents available to members
1 incident