FireEye, the intelligence-led security company, released new information about two Belgian government websites being taken down by pro-Turkey hacktivists. FireEye assesses with high confidence that Aslan Neferler Tim, the group behind recent attacks in the Netherlands and Denmark, is responsible.
Distributed denial-of-service DDoS attacks were launched against websites of the Belgian Ministry of Defense on October 28th and the city of Antwerp on October 31st. Both sites were inaccessible for several hours after the attacks.
FireEye analysts believe it is likely that the attack was a reaction to recent riots on October 27-29 which started after a bus of Kurdistan Workers’ Party PKK supporters, reportedly escorted by Antwerp police, passed through a Turkish neighborhood in the city and provoked unrest amongst residents. There are tensions between both sides as Turkey and the PKK are engaged in an ongoing armed conflict. Aslan Neferler Tim posted messages on its Facebook page following the riots that claimed responsibility for the DDoS attacks and accused the Belgian government of supporting the PKK.
John Hultquist, Director of Cyber Intelligence Analysis at FireEye added, “This activity is consistent with what we have seen from Aslan Neferler Tim in the past, both in terms of techniques and targeting. It appears to be the first time that the group has attacked Belgium, but it should come as little surprise given the way other European authorities have been targeted after being involved in what could have been perceived as an affront to Turkish nationalism. It is easy to dismiss DDoS attacks like this as harassment, but they often precede more complex operations, such as targeted leaks or destructive attacks.”
FireEye analysts believe that the group’s focus on the Belgian government is likely to be over for now. This assessment is based on intelligence from previous Aslan Neferler Tim campaigns which shows that they rarely last longer than a few days at a time.