The Netherlands' tunnels, bridges, locks and flood defenses are not sufficiently protected against cyber attacks, the Court of Audit concluded in a report published on Thursday. The Court advises the Ministry of Infrastructure and Water Management to make cyber security on these essential parts of Dutch infrastructure a priority.
The three large Dutch banks - ING, ABN Amro and Rabobank - are largely dependent on only one company for cyber security against DDoS attacks. The cyber security firm in question is the American company Akamai, which counts 18 of the world's 30 largest banks as its customers, Financieele Dagblad reports.
Cyber attacks by malicious countries are the biggest digital threat to the Netherlands' national security, according to the National Coordinator for Counter-terrorism and Security's (NCTV) annual report on digital security. Such countries want to spy, influence public opinion, disrupt society or even sabotage vital systems, the NCTV warns, RTL Nieuws reports.
The Dutch government and businesses in the Netherlands need to work together to create a kind of national firewall to protect important websites and apps against DDoS attacks, five experts in digital security plead in an open letter, NOS reports.
Currently banks, telecom providers, energy companies and other businesses all individually hire security companies to help prevent such cyber attacks. But that is not enough to stop these types of attacks, the experts warn. If they worked together, they could prevent an attack one one company from having success at another company.
The software that will be used to count votes in the upcoming municipal elections is still not safe. Hackers can use the vulnerable software to influence the election results, experts that examined the software told RTL Nieuws.
Ethical hacker Sijmen Ruwhof discovered more than 50 vulnerabilities in the software. He calls ten of them 'high risk'.
Four in ten Dutch use the same password for multiple online services, such as email, social media and online banking, according to a survey commissioned by the Ministry of Justice and Security. One in five said they use the same password for more than 10 different accounts, NU.nl reports.
Last year 3.4 million people in the Netherlands fell victim to cybercrime, according to a study by security company Symantec. That comes down to around one in five Dutch. The victims lost a total of around 1.3 billion euros. Symantec concludes that people overestimate their knowledge of digital security, RTL Nieuws reports.
The Algemene Inlichtingen en Veiligheidsdienst (AIVD), the Dutch intelligence agency, has prevented 4 terrorist attacks from taking place since 2011. That is according to AIVD's chief Rob Bertholee, who commented it in an interview at the TV program College Tour.
Water locks and pumping stations in the Netherlands are in danger of being hacked due to inadequate computer hardware and software, according to an investigation published by the Telegraaf. Security software is updated just about every five years, a sign of poor maintenance, and the computer systems that control the water operations date back as far as the mid-1980s, the newspaper said.
The email systems of the Tweede Kamer - the lower house of Dutch parliament - are not well protected, which means that third parties can relatively easily send emails posing as parliamentarians, Follow the Money reported based on its own research.
Follow the Money proved this by sending emails under the names of Prime Minister Mark Rutte, VVD chairman and new Minister of Foreign Affairs Hable Zijlstra, PVV leader Geert Wilders and D66 leader Alexander Pechtold.
On Tuesday King Willem-Alexander opened the Netherlands' parliamentary year with his traditional Budget Day speech. He talked about the devastation Hurricane Irma left of the Caribbean islands that form part of the Dutch Kingdom, terrorism around the world, the prosecution of those responsible for the MH17 disaster, and making sure that everyone in the Netherlands benefits from the improving economy, among other things.
A data leak at software company CarWise ICT meant that information of thousands of Dutch lease drivers was easily accessible to unauthorized parties. The leak was discovered by security company ESET, director Dave Maasland confirmed to NU.nl. Maasland estimates that at least 100 thousand customers were affected.
Hackers can easily break into Dutch solar panels, which could put the European power supply at risk, according to cyber security investigator Willem Westerhof of ITsec in the Volkskrant.
According to Westerhof, the SMA transformers in many Dutch solar panels are poorly protected and have a "wide range of vulnerabilities". Users aren't prompted to change the default password. The transformers are vulnerable to force attacks. And the devices are secured by one super password of the supplier. If a hacker gets hold of that password, many problems can be caused.
Dutch businesses are poorly aware of and prepared for cyberattacks, the Cyber Security Council warned on Wednesday. The Netherlands must take immediate action to make sure businesses have the necessary information to protect themselves against digital threats, the Council said, according to ANP.
Countless computers across the world were infected with ransomware in a new global cyber attack. In the Netherlands the malware hit the APM container terminal in the port of Rotterdam, pharmaceutical MSD and package carrier TNT. There is no sense in paying the ransom, cyber security experts warn, broadcaster NOS reports.
At least 15 Dutch hospitals were hit in ransomware attacks over the past three years, NOS reports based on a survey in which 25 hospitals participated anonymously. The hospitals insisted on staying anonymous out of fear of attracting hackers, according to the broadcaster. Another 20 hospitals refused to participate at all due to this concern.
Dutch companies, government institutions and citizens are not responding fast enough against growing digital threats, according to National Coordinator for Counterterrorism and Security Dick Schoof. At home and at work Dutch people often opt for the fastest solution, instead of the most secure one. Which means that the gap between threats and security measures is getting larger instead of smaller, Schoof said in the Netherlands Cyber Security Image 2017, ANP reports.
The Tweede Kamer is calling on the Dutch government to do something about unsafe internet of things devices. A vast majority of 148 out of 150 parliamentarians voted for a motion demanding an investigation into what security requirements can be set, NU.nl reports.
The motion demands that the government investigates what minimum security requirements can be imposed on the internet of things, how those requirements can be enforced and what other measures are necessary to protect consumers from poorly-protected devices.
A new consortium of six Dutch cyber security companies promised to not be taken over by foreign parties in order to best protect the cyber-side of important Dutch infrastructure. They feel that Dutch national interests and state secrets are best protected by Dutch companies. With this strategy the cyber security companies are taking advantage of controversy that arose when Fox IT was bought by a British investor in 2015, Financieele Dagblad reports.
The city of Rotterdam's data protection and information security is so poorly organized that Mayor Ahmed Aboutaleb may be in danger, the Rotterdam Court of Auditors concludes in a report that the Volkskrant managed to get hold of. The report states that the mayor is at "real risk of physical danger", the newspaper reports.
For example, attackers could relatively easily get access to Aboutaleb's secret agenda or email to get information on where to attack.
Ransomware was found on the computer systems of the Tweede Kamer, the lower house of Dutch parliament, a spokesperson for the Kamer confirmed to various news sources after D66 parliamentarian Kees Verhoeven posted about it on Twitter. Exactly what happened is unclear, but according to Tweakers, the problems are largely solved.
"The Kamer already took appropriate measures. As usual, we can not discuss it further because of safety", the Kamer spokesperson said to NOS.
The Dutch government and Dutch companies are very poorly protected against cyber attacks and crime, according to a report by the Rathenau Institute. Current measures against cyber threats are insufficient and strengthening cyber security in the Netherlands should be a higher priority, the report says according to ANP.
The report, titled A never run race was done at the request of the National Coordinator for Counterterrorism and Security and intelligence service AIVD.
The Netherlands must work on diplomacy, defense and development in order to tackle the growing threat of cyber attacks from hostile countries and criminals, according to the International Cyber Strategy that Minister Bert Koenders of Foreign Affairs sent to Dutch parliament on Sunday. Koenders wants international law to be supplemented to suit the needs of the new digital world, the Telegraaf reports.