Former Belgian Prime Minister Guy Verhofstadt has become the latest victim of a Chinese state-linked espionage campaign targeting officials associated with the Inter-Parliamentary Alliance on China (IPAC). This coalition of lawmakers is known for its critical stance towards Beijing. The breach, reported by Belgian newspaper Le Soir, is part of a broader hacking effort by a group linked to China’s Ministry of State Security, which was detailed in a March indictment by the U.S. Department of Justice. The indictment revealed that Chinese hackers targeted EU legislators’ .gov-style accounts, using sophisticated phishing emails to gain unauthorized access to sensitive information.
Verhofstadt is the fifth Belgian official known to have been targeted by the Chinese hacker group APT31. Others include Samuel Cogolati, a Green MP; Els Van Hoof, the chair of Belgium’s Foreign Affairs Committee; Hilde Vautmans, a liberal MEP; and Georges Dallemagne, a federal deputy. The cyberattacks were revealed to some of the victims as late as February 2023. For instance, Samuel Cogolati learned about the attacks from the Centre for Cybersecurity Belgium, which alerted him via email.
The hackers employed various tactics to infiltrate their targets’ systems. In Els Van Hoof’s case, the attackers sent emails that appeared to come from a legitimate international agency, discussing seemingly innocuous topics like Donald Trump and human rights. However, these emails were designed to compromise her laptop. Such phishing techniques underscore the sophistication and persistence of the attackers in their efforts to spy on European legislators involved in scrutinizing China’s actions.
In response to these incidents, Belgian Foreign Minister Hadja Lahbib summoned the Chinese ambassador to address the allegations of cyber espionage. The targeted officials, in a joint statement, condemned the attacks as an assault on democratic values. They emphasized that the campaign was not aimed at a specific party or country but at any politician who dared to challenge Beijing. This unified stance highlights the broader implications of the attacks for international political integrity and cybersecurity.
