The Netherlands is not well prepared for large-scale cyber attacks, the scientific council for government policy WRR said in a report on Monday. This applies to the Dutch government, but also companies and society as a whole, according to the council, NU.nl reports.
The Dutch police are concerned about an increasingly popular development in cybercrime, which the police refer to as cybercrime-as-service. Criminals can now buy cyber attacks easily, cheaply and at any time of day or night, the police said in a statement.
The national coordinator for counter-terrorism and security NCTV expressed concerns about the fact that almost all of the Netherlands' vital processes and systems have been digitized, and that there are virtually no fall-back options. This makes the Netherlands insufficiently resilient and therefore vulnerable to digital attacks, the NCTV said on Wednesday, NU.nl reports.
Dutch intelligence service AIVD warns of radical influences in education in its annual report for 2018. According to the service, "radical Islamic boosters" play an increasingly emphatic role in the education offer for young Muslims in the Netherlands. In the long term, this could undermine the democratic legal order, the AIVD said, NOS reports.
The Netherlands' tunnels, bridges, locks and flood defenses are not sufficiently protected against cyber attacks, the Court of Audit concluded in a report published on Thursday. The Court advises the Ministry of Infrastructure and Water Management to make cyber security on these essential parts of Dutch infrastructure a priority.
A few dozen Dutch companies have been infected with ransomware SamSam, according to security company Fox-IT. A precise number can not be given because it is unknown how many companies paid the ransom or managed to get rid of the malware themselves, NOS reports.
The Ministry of Defense is stepping up the fight against cyber attacks. In addition to investing more in fighting off cyber attacks, the Ministry also wants to deal with perpetrators more publicly as recently happened after a thwarted espionage attempt by the Russians on the OPCW in The Hague, ANP reports.
The Netherlands is the midst of a "cyber war" with Russia, Defense Minister Ank Bijleveld said on television program WNL op Zondag. According to the Minister, a foiled cyber attack by the Russian secret service on chemical weapons watchdog OPCW shows that the nature of war has changed.
Sergei Lavrov, the Russian Minister of Foreign Affairs, said on Monday that the four Russian spies caught in The Hague in April was in the Netherlands for a routine trip. Russia denies that the secret service agents wanted to hack into chemical weapon watchdog OPCW, NU.nl reports.
Russia summoned the Dutch ambassador to Moscow to account for the Netherlands' deportation of four Russian spies who were planning to hack the Organization for the Prohibition of Chemical Weapons (OPCW), RTL Nieuws reports
Four Russian spies wanted to hack into the network of the Organisation for the Prohibition of Chemical Weapons (OPWC) on April 13th. Instead of being arrested and entering the Dutch system, they were deported to Moscow that same day. That decision was made by Onno Eichelsheim, director of military intelligence service MIVD. He wanted them out of the Netherlands as soon as possible, RTL Nieuws reports.
Dutch Prime Minister Mark Rutte and his British counterpart Theresa May released a joint statement in which they denounced cyber attacks by Russian secret service GRU as unacceptable. They called attacks on international organizations like the United Nations' Organization for the Prohibition of Chemical Weapons (OPCW) reckless and destructive.
Dutch military intelligence service MIVD prevented a hacking operation by Russian secret service G.U. aimed at the Organization for the Prohibition of Chemical Weapons (OPWC), Minister Ank Bijleveld of Defense announced at a press conference in The Hague on Thursday. The G.U. tried to hack the OPWC on April 13th. Four involved Russian officers were deported from the Netherlands that same day, NOS reports.
The DigiD website was unavailable for a time on Wednesday due to a DDoS attack - the third attack on the site in a week's time. Allestoringen.nl received hundreds of reports from people who were unable to reach the government website, NU.nl reports.
As the DigiD site was unreachable, it was impossible to log into government websites, like the Tax Authority site, because these sites use DigiD as a login system.
Cyber attacks by malicious countries are the biggest digital threat to the Netherlands' national security, according to the National Coordinator for Counter-terrorism and Security's (NCTV) annual report on digital security. Such countries want to spy, influence public opinion, disrupt society or even sabotage vital systems, the NCTV warns, RTL Nieuws reports.
Dutch banks ABN Amro and Rabobank were again targeted by DDoS attacks on Sunday night, leaving their online banking services unavailable for a time, ANP reports.
The two Dutch banks were also targeted by such cyber attacks on Thursday. In a DDoS attack, a website is bombarded with data, overloading its server and crashing the site.
Rabobank and ABN Amro were targeted by DDoS attacks on Thursday night and Friday morning. As a result their online and mobile banking, iDeal payments and websites were hard to reach or completely offline for several hours.
The attacks on Rabobank started around 6:00 p.m. on Thursday, NOS reports. The problems were resolved shortly before midnight. ABN Amro was attacked during the early hours of Friday morning.
In a DDoS attack a website is bombarded by large amounts of data, crashing its server and therefore also the site.
The Dutch police took a website offline on which DDoS attacks could be purchased for a small amount. The site - Webstresser.org - was the largest provider of such cyber attacks worldwide, the police said in a statement on Wednesday.
So-called booter or stresser sites, like Webstresser.org, are often used to set up DDoS attacks.
The National Cyber Security Center (NCSC) made sure all Dutch government organizations are aware of a warning issued by the American and British security services about Russian state hackers targeting network equipment. The NCSC, which falls under the Ministry of Justice and Security, takes this warning seriously and advises all Dutch organizations to check their network equipment for erroneous configurations, NU.nl reports.
The Dutch government and businesses in the Netherlands need to work together to create a kind of national firewall to protect important websites and apps against DDoS attacks, five experts in digital security plead in an open letter, NOS reports.
Currently banks, telecom providers, energy companies and other businesses all individually hire security companies to help prevent such cyber attacks. But that is not enough to stop these types of attacks, the experts warn. If they worked together, they could prevent an attack one one company from having success at another company.
The websites of the Dutch Tax Authority and DigiD were hit by DDoS attacks on Wednesday afternoon. As a result no tax declarations could be filed for hours, and people had trouble logging in to various government websites, NU.nl reports.
The attack on the Tax Authority started around 3:00 p.m., and DigiD was hit around 3:25 p.m. Both sites were fully accessible again by 8:00 p.m.
The attack did not affect the security of taxpayer's data, not even if people were filing declarations when the DDoS attack started, a spokesperson for the Tax Authority said to the newspaper.
An 18-year-old Oosterhout man arrested in connection with DDoS attacks on Dutch financial institutions, wanted "to show that a teenager can simply crash all banks with a relatively simple attack", suspect Jelle S. wrote in an email to the Volkskrant shorty before his arrest.
The police arrested an 18-year-old man from Oosterhout in connection with multiple DDoS attacks on the Tax Authority, tech site Tweakers and internet provider Tweak last week, as well as on online bank Bunq in September last year. The man was arrested on Thursday, February 1st, the police said in a statement on Monday.
In a DDoS attack large amounts of data is sent to the targeted site, overloading the site's server and thereby crashing the site.
ABN Amro, ING, Rabobank and the Tax Authority again faced DDoS attacks on Tuesday, though this time the financial services managed to deter them better than over the weekend. The attacks caused a short disruption in payment system iDeal, but the problems were quickly restored, NOS reports.
ABN Amro was troubled by attacks all day long, but they were mostly successfully fought off, a spokesperson said to the broadcaster. Around 5:30 p.m. the bank faced a short disruption.