Hack FPS finance

Published on:
May 22, 2024
Use case

What happened?


On May 4, 2021, the FPS Finance, along with other Belgian government departments, was hit by a massive Distributed Denial of Service (DDoS) attack. This attack targeted the Belnet network, which disrupted essential digital services such as the MyMinfin tax portal and other government websites. The attack was part of a broader attack on the entire government network, resulting in severe service outages.

How did it happen?


The attack was carried out by a DDoS attack, flooding the network with data requests, causing the entire system to crash. The large volume of incoming requests overloaded the servers, resulting in the inaccessibility of important government services, including MyMinfin and other government administrative portals.

What was the impact for the company?


The attack caused serious disruptions in tax return systems, making MyMinfin temporarily inaccessible. This led to major problems for citizens and businesses who wanted to file their tax returns or download forms. In addition, parliamentary sessions had to be postponed as digital access and live streaming of the meetings were disrupted.

 Other services, such as the COVID-19 vaccination portal and justice systems, were also affected, leading to widespread impacts on government services across Belgium.

How could this have been prevented?


Although DDoS attacks are difficult to predict, the use of advanced DDoS mitigation systems could have helped repel the attack more quickly. Belnet could also have benefited from network segmentation to limit the impact on critical services such as MyMinfin. Regular cybersecurity audits and better collaboration with international security experts might have exposed weaknesses in the infrastructure before they could be exploited by attackers.