Dutch government calls officials to work in-office after week of DDoS attacks: report

Cyber attackers have been successfully crippling parts of the Dutch government’s systems with DDoS attacks for a week. The government has urged civil servants working with the affected IT systems, all from a specific vendor, to work in the office instead of from home, sources told NOS.

Civil servants can only work from home with a VPN connection, but due to the DDoS attacks, this has been frequently unavailable for a week. According to the broadcaster, the call to come into the office affects at least 57,000 civil servants who work at the Ministries of Justice and Security, Finance, Foreign Affairs, and Public Health, Welfare, and Sports.

The attacks also affect externally hired employees. They also need the VPN connection to log in to the office, and are unable to do so.

According to NOS, the attacks seem to only affect the systems of SSC-ICT, an internal IT supplier to the government. Government departments that manage their own IT or have outsourced it to another supplier do not appear to be affected.

In an internal communication to the affected civil servants, the government wrote that the attacks continue “unabated” despite “mitigating measures” taken and can “hinder accessibility from home.”

A spokesperson for the Ministry of Home Affairs and Kingdom Relations, responsible for the IT department in question, confirmed the attacks to NOS. The attacks cripple the affected systems periodically, but have not taken them down entirely.

In a DDoS attack, the cyberattackers send large amounts of internet traffic to a specific website or system, overloading the affected servers. It is rare for DDoS attacks to be so successful for such a long period of time. The source of the attack is unknown.