The websites of Proximus and UZ Gent. The ports of Antwerp and Zeebrugge. The Belgian parliament. What do they have in common? They were all taken down by pro-Russian hacktivists. And your company can be among the victims, even if you are not a political target.
Belgium is in the global top 10 countries most frequently affected by DDoS attacks. By 2025, security firm Inetum alone recorded 15,000 DDoS incidents targeting Belgian organizations. The attacks are becoming increasingly frequent, powerful and politically motivated.
Why are hackers attacking Belgian companies?
The pro-Russian group NoName057(16) claims responsibility for most politically motivated attacks in our country. Their motivation? Retaliation for Belgian support for Ukraine and our role within NATO and the EU.
In a distributed denial of service (DDoS) attack, servers are flooded with millions of requests at once. The result: websites and services become inaccessible to real users. The attackers do not steal data, they want to create chaos and generate media attention.
In November 2025, Proximus, Scarlet and UZ Gent were affected. In October 2024, dozens of municipal websites and the ports of Antwerp and Zeebrugge went offline during the election period. The hackers’ message is clear: We can cripple your digital infrastructure whenever we want.
How is your company indirectly victimized?
Here is the real risk for Flemish business owners: you do not have to be a political target to be harmed. Businesses are indirectly affected in three ways.
Saturation of your ISP.
When attackers fish the network of Proximus or Telenet, the total bandwidth becomes saturated. All connected organizations are affected, even if they are not targeted. In December 2025, nearly 90% of recorded attacks targeted the private sector, especially telecom providers.
Shared cloud infrastructure.
In cloud environments, multiple companies share the same servers. If one customer is attacked, that attack traffic consumes all available capacity. Your applications become slow or fail completely.
Supply chain.
When your suppliers or partners are affected, you feel the consequences. Logistics systems can no longer exchange data with the port. Billing programs in the cloud stop working. Business continuity is immediately compromised.
The numbers behind the threat
The scale of the problem is growing exponentially. Cloudflare blocked more than 20 million DDoS attacks worldwide in the first quarter of 2025, up 358% year-on-year. The total number of attacks in 2025 doubled to 47 million. The most powerful attack reached 31.4 Terabits per second, enough to take down virtually any unprotected infrastructure.
Belgian sectors most affected:
- Government agencies (1,821 attacks by 2025)
- Transportation and logistics (299 attacks)
- Financial services (291 attacks)
- Technology sector (274 attacks)
- Education (254 attacks)
What can you do to protect your business?
Becoming completely immune to DDoS attacks is impossible, but you can increase your resilience.
- Map your dependencies: Do you know which external services your business leans on? Which cloud providers and Internet connections are critical? A risk analysis reveals where you are vulnerable to collateral damage.
- Diversify your connectivity: Don’t rely on a single Internet provider. Redundant connections through different providers reduce the risk of an attack on one network shutting down your entire business.
- Consider DDoS mitigation: For businesses with critical online services, “always-on” protection exists. Automated systems recognize attack traffic and filter it out before it reaches your network. Legitimate visitors notice nothing.
- Train your employees: DDoS attacks rarely come alone. They are often a distraction while hackers try to penetrate via phishing or other methods. Awareness training helps your team recognize suspicious activity.
- Establish an incident response plan: Does your team know what to do when systems become inaccessible? A clear playbook prevents panic and speeds recovery.
NIS2 and the legal context
The European NIS2 Directive requires companies in critical sectors to have their cybersecurity in order. This includes resilience against DDoS attacks. Does your organization meet the criteria (more than 50 employees or turnover above €10 million in certain sectors)? Then you are required to take appropriate measures.
Support for your cyber resilience
Political tensions in the world will not go away anytime soon. As long as Belgium supports Ukraine and plays a central role in EU and NATO, we will remain a target. The question is not whether your company will face the consequences of a cyber attack, but when.
Cyberplan helps Flemish companies strengthen their digital resilience. From a cybersecurity audit that exposes your vulnerabilities, to advice on DDoS mitigation and NIS2 compliance. Through the SME portfolio, you get up to 45% subsidy on cybersecurity advice and training (small companies) or 35% (medium-sized companies).
Want to know how resilient your organization is against collateral damage from political cyber attacks? Book a no-obligation consultation with one of our experts.
Frequently asked questions about DDoS attacks in Belgium
What exactly is a DDoS attack?
A DDoS (Distributed Denial of Service) attack floods servers with millions of requests at once, rendering websites and online services inaccessible. The goal is disruption, not data theft.
Why is Belgium so often the target of cyber attacks?
Belgium houses EU and NATO headquarters in Brussels. Pro-Russian hacktivist groups are targeting our country in retaliation for political support for Ukraine and European sanctions policy.
Can my company be affected without being attacked itself?
Yes. By saturating shared Internet connections, cloud infrastructure or supply chains, companies can be indirectly inconvenienced. We call this collateral damage or collateral damage.
How long does an average DDoS attack last?
Most network layer DDoS attacks last less than 10 minutes, but the impact can be felt for hours. Prolonged campaigns by politically motivated groups can last for several days.
What grants exist for cybersecurity in Flanders?
Through the SME portfolio, small businesses receive 45% subsidy and medium-sized businesses 35% on cybersecurity advice and training. VLAIO also offers cybersecurity improvement programs with 50% subsidy for SMEs.
Do I need to be NIS2 compliant to protect against DDoS?
NIS2 compliance is mandatory for companies in certain industries. But even if you are not covered by NIS2, investing in cyber resilience makes sense. Collateral damage affects every business, regardless of size or sector.
