Resource Center

Quantum computing is no longer a distant possibility as it is rapidly becoming a reality. This technological shift poses a serious challenge to the cryptographic foundations that currently secure digital communications, transactions, and sensitive data.  Quantum computing is no longer a distant possibility as it is rapidly becoming a reality. This technological shift poses a serious challenge to the cryptographic foundations that currently secure digital communications, transactions, and sensitive data. To help organisations in Belgium prepare for this disruption, the Centre for Cybersecurity Belgium (CCB) has contributed to a white paper on Post-Quantum Cryptography (PQC). This initiative was led by the Belgian Cyber Security Coalition and the Quantum Circle, and brings together experts from across sectors to provide practical guidance for quantum-safe resilience. The white paper outlines: The quantum threat and its implications for long-lived and sensitive data. The concept of “harvest now, decrypt later”, where encrypted data collected today may be decrypted in the future. The EU strategic roadmap with milestones: national strategies by 2026, critical infrastructure protected by 2030, and broad adoption by 2035. Sector-specific use cases in telecom, banking, healthcare, and retail. The importance of crypto-agility — the ability to adapt cryptographic systems quickly and securely. For Belgian organisations, this is not just a technical challenge. It is a matter of business continuity, regulatory compliance, and digital trust. Early action will reduce complexity, cost, and risk and position organisations as leaders in cybersecurity resilience. Download the white paper to understand the quantum threat and discover actionable steps to prepare your organisation for the quantum era. Download the white paper

From 17 to 25 years old, Belgium’s national cyber team takes on Europe’s best at the ECSC, coached by experts from the Centre for Cybersecurity Belgium. From 17 to 25 years old, Belgium’s national cyber team takes on Europe’s best at the ECSC, coached by experts from the Centre for Cybersecurity Belgium.While the Red Devils fight for glory on the pitch, another Belgian team is gearing up for a championship of a different kind: one played with code, creativity, and nerves of steel. The Belgian Red Daemons, Belgium’s national team for young cybersecurity talent, kick off their campaign this week at the European Cybersecurity Challenge (ECSC) in Warsaw.A European championship for cyber talent Think of the ECSC as the Champions League of cybersecurity for young people. After national selections across Europe, teams of ten (five aged 14–20 and five aged 21–25) compete over two intense days in challenges that test attack and defense, creativity and teamwork. This year, 34 European countries will participate alongside guest teams from around the world, showcasing skills, sportsmanship, and European unity in the digital age.Team Belgium: motivated, prepared, and united Belgium’s squad blends promising students and recent graduates, including several returning competitors. Leading the team is captain Petar Vitorac, who won the Best Student Award in last year’s Hack the Government, a flagship initiative where ethical hackers help strengthen public-sector systems. This event, widely recognized in Belgium, reflects the country’s commitment to proactive and collaborative cybersecurity values that the Red Daemons will carry to Warsaw.The team has been preparing diligently, spending several weekends working together on online Capture The Flag (CTF) events, sharpening their problem-solving, coordination, and technical depth.Expert coaching and national supportThe Centre for Cybersecurity Belgium (CCB) plays a central role in preparing and supporting the Belgian Red Daemons. From organizing training sessions to providing expert guidance, the CCB ensures that the team is ready to compete at the highest level. This initiative is backed by the CCB’s leadership and coaching staff, reflecting Belgium’s commitment to developing top cybersecurity talent.By investing in talent and teamwork, we’re building a safer digital future for everyone. We’re proud of the Red Daemons, not just for competing, but for inspiring the next generation. Miguel De Bruycker, Director General, CCBThis team trained hard, learned fast, and grew together. They’re ready to represent Belgium with pride.  Thibault, Head Coach, CCBWhere the talent comes from Most team members were scouted via the Belgian Cyber Security Challenge, Belgium’s largest student cyber competition, with additional recruits joining through community initiatives and open interest. Those who made the final ten showed more than individual brilliance: they proved they could learn together, communicate under pressure, and apply their skills responsibly.Why it matters Cybersecurity isn’t just a technical field, it’s part of our national resilience. From protecting public services and businesses to securing our personal lives, these young experts are Belgium’s future defenders. The ECSC is a celebration of that mission: we hack, we compete, we connect.Follow and get involved The journey doesn’t end in Warsaw. The CCB will share updates throughout the competition. We encourage students across Belgium to get involved, starting with the Cyber Security Challenge Belgium, and to aim for a spot on next year’s national team. They may not score goals, but they’re scoring points for Belgium’s digital futur Image Team Belgium, the Belgian Red Daemons, proud in their national kit ahead of the European Cybersecurity Challenge in Warsaw. 

Online investment fraud cost Belgians almost €15 million in the first half of 2025, according to new figures from the FSMA. False trading and crypto platforms are particularly responsible for the damage: a good €12 million was stolen through these channels, which is three times more than in the same period last year.  Online investment fraud cost Belgians almost €15 million in the first half of 2025, according to new figures from the FSMA. False trading and crypto platforms are particularly responsible for the damage: a good €12 million was stolen through these channels, which is three times more than in the same period last year. To warn citizens, the Centre for Cybersecurity Belgium (CCB), together with the FSMA, Febelfin, FPS Economy, the Cyber Security Coalition and the police prevention services, is launching a major awareness campaign via Safeonweb. The campaign coincides with both World Investor Week and European Cybersecurity Month, and emphasises the importance of digital vigilance. Michel, a 71-year-old man from Ghent, thought he was investing in cryptocurrencies via an online platform. He started with €250 and received false profit updates. When Michel wanted to withdraw his money, it turned out to be blocked and he had to pay extra to get it back. In the end, Michel lost almost €300,000. ‘I thought I was doing the right thing and could help my daughter buy her flat, but now I have nothing left.’Gisèle, an 80-year-old woman from Brussels, thought she was investing on a reliable platform (mainly because she was convinced that it was the king who had recommended it on social media). She started with 250 euros, but soon realised that something was wrong. However, when she wanted to stop paying, the scammers started harassing her with dozens of phone calls and emails a day. ‘My family can tell you that I am a sensible person with my head on my shoulders, but scammers manipulate you and don't give you time to think.’Facts and figures 15 million euros stolen in the first half of 2025Average loss per victim: €37,777 1,289 reports to the FSMA in 6 months, just the tip of the iceberg 2 out of 3 victims are men aged 50+ New trend: fraud via recovery rooms and social media Campaign image: Bill, the purseThe campaign tells the story of Bill, a well-filled purse who enthusiastically invests in a fake platform. In the end, he is literally penniless. The advert is being broadcast on television, in cinemas and online. who enthusiastically invests in a fake platform. In the end, he is literally broke. The advert is being distributed via television, cinema and online.The campaign is shared annually by hundreds of partners, which means it will also be visible in public services, schools, banks and on the streets. Together, we can outsmart fraudsters! More information

Red Hat confirms a consulting breach that poses a high risk for Belgian organisations Red Hat confirms a consulting breach that poses a high risk for Belgian organisations.AssessmentThe Centre for Cybersecurity Belgium (CCB) assesses this breach poses a high risk for Belgian organisations that used Red Hat Consulting services or shared sensitive information (e.g., credentials, tokens, network data) with Red Hat. There is also potential supply chain impact if your service providers or IT partners worked with Red Hat Consulting.Red Hat has confirmed a security incident involving its consulting service. Private GitHub repositories containing Customer Engagement Reports (CERs) were accessed by attackers. These reports may include sensitive details such as:Network informationAuthentication tokens and keysConfiguration dataAttackers claim they already used stolen tokens to access customer systems. The full scope of the breach remains unclear.Who Should ActThis alert is particularly relevant for:Organisations that have used Red Hat Consulting servicesCompanies that shared credentials, tokens, or configuration data with Red HatEntities whose IT providers, developers, or hosting partners may have engaged Red Hat Consulting (possible supply chain risk)Any entity with integrations involving Red Hat systemsTimelineMid-September 2025 – Breach reportedly took place (approx. two weeks before disclosure).Late September 2025 – Hackers claimed access to Red Hat’s private GitHub repositories and tokens.1 October 2025 – Reports surfaced publicly about the alleged breach.2 October 2025 – Red Hat confirmed the incident and ongoing investigation.Potential ImpactUnauthorised access to internal systems using stolen tokens or credentialsLateral movement within compromised environmentsTheft of sensitive company or customer dataDisruption of IT operations or exposure of configuration detailsSupply chain impact if a third-party provider was exposed through Red Hat ConsultingRecommended ActionsRevoke & Rotate all tokens, keys, and credentials shared with Red Hat or used in integrations.Engage Third-Parties – ask your IT providers or partners whether they used Red Hat Consulting and assess your potential exposure.Contact Red Hat for guidance on your specific exposure.Increase Monitoring of authentication events, API calls, and system access for anomalies.If you observe related incidents or have additional information, please notify us immediately via our incident reporting form.Stay alert for further updates as more details emerge.ReferencesThe RegisterBleeping ComputerIntCyberDigest on X

The CCB is showcasing its legal "safe harbour" for cybersecurity researchers once again At this year's BruCON conference, the Centre for Cybersecurity Belgium (CCB) is showcasing its legal "safe harbour" for cybersecurity researchers once again and stepping up to protect and empower ethical hackers.Breaking down barriersImagine being a cybersecurity researcher who discovers a critical vulnerability but fears legal repercussions for reporting it. Those days are over in Belgium. The CCB is rolling out a legal "safe harbour" that gives ethical hackers the confidence to come forward without worrying about potential legal consequences.What does this really mean?Ethical hackers who follow the CCB's official reporting procedure now receive comprehensive legal protection under both criminal and civil law. It's a game-changing approach that recognizes these digital defenders as crucial partners in maintaining national cybersecurity, not potential threats.Why BruCON mattersAt this year's BruCON conference, the CCB message is clear:Acknowledging the critical role of ethical hackers;Providing crystal-clear guidance on vulnerability reporting;Building trust between researchers and government agencies.The CCB is also calling on all Belgian organisations to set up a vulnerability disclosure programme (whether within the NIS2 legal framework or not).The bigger pictureThis initiative isn't just about Belgium. It's a potential model for how governments worldwide can work more effectively with the cybersecurity research community. By offering legal clarity and protection, the CCB is removing barriers that often prevent crucial security vulnerabilities from being reported and fixed. More on the Coordinated Vulnerability Disclosure (CVD) More on Brucon