In early November 2025, Belgian networks were hit by two related DDoS campaigns targeting telecom operators, healthcare services, and military-intelligence websites. The pro-Russian hacktivist group NoName057 publicly claimed responsibility, citing Belgium’s political stance as the motive.
Telecom and healthcare impact
On 5 November, Proximus and Scarlet reported brief website outages after technicians detected unusual traffic around 07:20 CET, followed by a sharp surge at 07:30. Proximus confirmed that systems held and disruption remained limited.
Around the same time, Ghent University Hospital (UZ Gent) experienced slower communication with several external systems, causing temporary delays in accessing information, though internal systems and patient care continued normally.
NoName057 boasted on Telegram that it had hit the telecom operators and an internal Telenet portal, though Telenet denied any impact. The group referenced comments made by Belgium’s defence minister in a recent interview as justification for the attacks.
Additional Belgian targets—including industrial printer manufacturer CP Bourg and the municipality of Comines-Warneton—reported cyber disruptions on the same day.
Military-intelligence websites targeted
Shortly afterwards, the same group claimed another DDoS attack—this time on several websites belonging to Belgium’s military-intelligence service, SGRS/ADIV. The attack coincided with a national-security meeting.
The Defence Ministry confirmed that the websites were briefly unavailable but stressed that no breach occurred and there was no indication of data being accessed or leaked.
Recurring activity
Belgium has been repeatedly targeted by NoName057 over the past two years, including campaigns during the 2024 election period and multiple government-website disruptions earlier in 2025. The group appears to have renewed its focus on Belgian institutions, with indications of further activity circulating on Telegram.
About FastNetMon
FastNetMon is a leading solution for network security, offering advanced DDoS detection and mitigation. With real-time analytics and rapid response capabilities, FastNetMon helps organisations protect their infrastructure from evolving cyber threats.For more information, visit https://fastnetmon.com