514 895-5858

Cyberattack in Belgium: a business story not to be ignored

May 14 2025

Cyberattack in Belgium: a business story not to be ignored

Imagine the scene: you’ve just bought your dream home. The plans are ready, the financing is in place, and you’re just waiting for your building permit to start work. Suddenly, everything comes to a halt. Government services are unreachable. Your documents are stuck. You receive no response. This isn’t fiction; it’s what happened in Wallonia, Belgium, in April 2025 due to a cyberattack.

A cyberattack paralyzed the Walloon Public Service (SPW), rendering many digital services inaccessible. The consequences were immediate: delays in processing building permits, renovation grants, and other administrative requests that are crucial for citizens and businesses.

An attack that wreaks havoc… without asking for anything

Surprisingly, unlike most cyberattacks of this magnitude, the hackers did not demand a ransom. No note was left demanding money. No message demanded payment in cryptocurrency. Even more surprising, no massive data leak has been detected to date (Source: RTBF).

So why launch such a complex cyberattack without demanding a ransom? This is precisely what makes this attack particularly worrying. It reminds us that cybercrime does not always have an immediate financial objective. Sometimes, it is disruption itself that is the target.

This is reminiscent of the major outage in Spain, which paralyzed several critical services for hours. Various incidents, even without data theft or ransom demands, can have a crippling effect on entire systems.

What did the attackers really want?

The lack of a claim raises several hypotheses:

  1. Pure sabotage: Some cybercriminals are not looking to extort money, but to disrupt services, create chaos, or test an organization’s IT defenses.
  2. Preparation behind the scenes: It is also possible that the attackers are still observing. They may have infiltrated the system to plant beacons, observe traffic, or prepare a more targeted attack in the long term.
  3. Political message or show of force: In some cases, these acts may be a form of indirect pressure or a signal sent to other governments or organizations.

Whatever the motivation, the effect is the same for citizens: interrupted services, blocked projects, and a growing sense of digital insecurity.

What made the attack possible: a familiar flaw

According to the investigation, the hackers exploited outdated servers that were exposed to the internet and had not been updated. Once inside the network, they escalated their privileges to gain full administrator access. They then installed remote control software, allowing them to navigate freely through the SPW’s systems.

This type of scenario is not limited to large public institutions. Unfortunately, it is common in many SMEs, where updates are postponed and aging systems are left in place “because they still work.”

SMEs: what to do when an attack goes unnoticed?

What the situation in Belgium teaches us is that a cyberattack can cause just as much damage without stealing data or even manifesting itself openly. Here’s what you can do right now to avoid such a shutdown:

  • Take inventory of your equipment and software: Do you know exactly which systems or applications are active in your company?
  • Apply critical updates: An up-to-date system is a much less attractive target for hackers.
  • Install an intrusion detection and prevention system: These tools do more than just identify suspicious behavior. They can also automatically block certain threats before they cause damage, such as unauthorized login attempts or data transfers to external sources.
  • Prepare an incident response plan: What would you do if you lost access to your emails, management systems, or customer files tomorrow morning?
  • Train your employees: Even silent attacks can start with a harmless human action, such as opening a malicious email or accidentally disabling antivirus software.

Mon Technicien: a team that watches over you, even when everything seems calm

At My Technician, we don’t just monitor major alerts. We also keep an eye on weak signals. We know that the most dangerous cyberattacks are sometimes the quietest.

Our role is to:

  • Help you prevent intrusions, even invisible ones;
  • Check the actual health of your IT infrastructure;
  • Train your employees to respond to the first signs of an attack, whether technical or human.

Thought of the day 💭

“Just because you can’t hear the wolf, doesn’t mean it’s not in the sheepfold.”

— IT proverb, cyber version 2025