Pro-Russian Hacker Group Targets Belgian Critical Infrastructure in Surge of DDoS Attacks
In December, Belgium faced a sharp escalation in cyberattacks, with nearly 1,250 distributed denial-of-service (DDoS) incidents recorded between December 2 and 18. The attacks, attributed to the pro-Russian hacker group DDoSia, primarily targeted federal institutions, critical infrastructure, and government bodies ahead of an EU Council summit, according to cybersecurity firm Secutec.
While none of the attacks succeeded, they demonstrated a strategic shift toward disrupting essential services. Geert Baudewijns, CEO of Secutec, warned that the group had identified Belgium’s most vulnerable dependencies, including energy distribution linked to NATO headquarters and nuclear supply chains, which account for up to 50% of the country’s electricity production.
Key targets included:
- Government institutions (two-thirds of attacks), with the federal parliament hit 40 times, and the provinces of Limburg (45 attacks) and Antwerp (32 attacks).
- Critical infrastructure, such as Brussels-based energy company Sibelga and nuclear supplier ASCO Industries.
- Healthcare organizations, though specifics were not disclosed.
Secutec reported a 190% increase in attacks compared to November, signaling a dangerous escalation as hackers expanded beyond public authorities to energy and nuclear sectors. The timing and focus suggest an intent to maximize national disruption during a period of heightened geopolitical significance.
Elia Group cybersecurity rating report: https://www.rankiteo.com/company/eliagroup
"id": "ELI1776350170",
"linkid": "eliagroup",
"type": "Cyber Attack",
"date": "12/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'industry': 'Public Sector',
'location': 'Belgium',
'name': 'Federal Parliament of Belgium',
'type': 'Government'},
{'industry': 'Energy',
'location': 'Brussels, Belgium',
'name': 'Sibelga',
'type': 'Energy Company'},
{'industry': 'Nuclear',
'location': 'Belgium',
'name': 'ASCO Industries',
'type': 'Nuclear Supplier'},
{'industry': 'Public Sector',
'location': 'Belgium',
'name': 'Provinces of Limburg and Antwerp',
'type': 'Government'},
{'industry': 'Healthcare',
'location': 'Belgium',
'name': 'Healthcare organizations (unspecified)',
'type': 'Healthcare'}],
'attack_vector': 'Distributed Denial-of-Service (DDoS)',
'date_detected': '2023-12-02',
'description': 'Belgium faced a sharp escalation in cyberattacks, with nearly '
'1,250 distributed denial-of-service (DDoS) incidents recorded '
'between December 2 and 18. The attacks, attributed to the '
'pro-Russian hacker group DDoSia, primarily targeted federal '
'institutions, critical infrastructure, and government bodies '
'ahead of an EU Council summit. The attacks demonstrated a '
'strategic shift toward disrupting essential services, '
'including energy distribution linked to NATO headquarters and '
'nuclear supply chains.',
'impact': {'operational_impact': 'Potential disruption of essential services, '
'including energy and nuclear sectors',
'systems_affected': 'Federal institutions, critical '
'infrastructure, government bodies, energy '
'distribution, nuclear supply chains'},
'initial_access_broker': {'high_value_targets': 'Energy distribution, nuclear '
'supply chains, NATO-linked '
'infrastructure'},
'motivation': 'Geopolitical disruption, targeting critical infrastructure '
'during EU Council summit',
'references': [{'source': 'Secutec'}],
'response': {'third_party_assistance': 'Secutec (cybersecurity firm)'},
'threat_actor': 'DDoSia (Pro-Russian hacker group)',
'title': 'Pro-Russian Hacker Group Targets Belgian Critical Infrastructure in '
'Surge of DDoS Attacks',
'type': 'DDoS'}