Hackers that infected Maastricht University's network with ransomware were in the network for over two months before they attacked, was revealed in the forensic investigation into the attack. "They first mapped out the network in order to be able to roll out the ransomware as well as possible," security expert Frank Groenenweg of Fox-IT, who was involved in the investigation, said to NOS.
Companies and institutions reported nearly 27 thousand data breaches to the Dutch Data Protection Authority last year, an increase of 29 percent compared to 2018. Most of the leaks came from companies in the financial sector. The number of data leaks due to cyber attacks also increased, especially in the case of ransomware, NOS reports.
"We are seeing a huge increase in data breaches," Monique Verdier of the Dutch Data Protection Authority said to the broadcaster. "Last year we also saw a quarter more reports of attacks such as ransomware."
Maastricht University paid between 200 thousand and 300 thousand euros to hackers who had blocked access to the university's digital systems with ransomware, various people involved told the Volkskrant. The university board was forced to pay because the university's backups were also hijacked. The backups - stored on the university servers - contain research data and data from students and staff from the past decades.
Maastricht University was still trying to recover from a crippling cyberattack nearly a week after the university's computer systems were felled in a ransomware scheme. One expert told De Limburger that Russian organized cybercrime outfit TA505 is responsible for the attack.
Maastricht University in the Netherlands said it was adversely affected by a "serious cyber attack." The university has been trying to recover from the attack since Tuesday, where offenders reportedly used ransomware, a method that encrypts files which are then only decrypted after a ransom is paid.
Ransomware is a growing problem for Dutch companies. Small- and medium sized businesses in particular are popular targets for this type of malware, according to security researchers, insurers and sector organization MKB Nederland, NOS reports.
Ransomware is a type of malware that blocks access to the data on your computer, unless you pay the cyber criminal behind the malware a 'ransom'. For businesses it can mean losing access to their administration, customer data or other important documents, sometimes bringing an entire business to a standstill.
Online platform No More Ransom, launched by the Dutch police, helped at least 300 Dutch people get rid of ransomware on their computers in the three years of its existence. Over 2.5 million people worldwide have consulted the platform, the police said in a statement on Thursday.
The Dutch police are concerned about an increasingly popular development in cybercrime, which the police refer to as cybercrime-as-service. Criminals can now buy cyber attacks easily, cheaply and at any time of day or night, the police said in a statement.
A few dozen Dutch companies have been infected with ransomware SamSam, according to security company Fox-IT. A precise number can not be given because it is unknown how many companies paid the ransom or managed to get rid of the malware themselves, NOS reports.
The United States is blaming Russia for a ransomware attack that infected countless computers around the world last year. In the Netherlands container terminal APM in the port of Rotterdam, pharmaceutical MSD, and package carrier TNT were infected by the ransomware called NotPetya or Petya.
2017 was a busy year for the Netherlands, with parliamentary elections and a new government forming, a hurricane hitting three islands that form part of the Kingdom, and a number of murders that rocked the country. Here follows a summary of the biggest stories of the year.
A gang of Romanian cyber criminals suspected of infecting computers in the Netherlands, Belgium, Italy, and the United States with ransomware, was busted in Romania last week in coordinated investigations by the Dutch, Romanian, British, and American authorities and Europol, the Dutch police said in a statement.
Container company APM finally reopened one of its two terminals at the port of Rotterdam after being hit in a global ransomware attack on Tuesday. So far Dutch insurers received only a few damage claims from businesses affected by the Petya attack, BNR reports after talking to a number of large insurers.
The companies in the Netherlands that were hit in the global ransomware attack on Tuesday, are still struggling with the consequences. By Wednesday night containers were still stuck at APM in the port of Rotterdam and thousands of packages were in limbo at TNT sorting centers, according to RTL Nieuws. The damages are estimated in the millions of euros.
Police systems across the country are offline due to a major failure, a spokesperson confirmed to NU.nl after reports in AD. This outage affects a number of police system, including the MEOS system used to issue digital fines and search license plate numbers.
The cause of the problem is unclear, but according to the police, this has nothing to do with a global ransomware attack on Tuesday. "We were not hacked. Our systems were not hacked", the spokesperson said to the newspaper.
Countless computers across the world were infected with ransomware in a new global cyber attack. In the Netherlands the malware hit the APM container terminal in the port of Rotterdam, pharmaceutical MSD and package carrier TNT. There is no sense in paying the ransom, cyber security experts warn, broadcaster NOS reports.
The Dutch police implemented "precautionary measures against a possible cyber attack" which left some functionalities on the police website party or completely unavailable, the police said in a statement.
"Forms that are completed and sent may not arrive or only much later", the police said, apologizing for the inconvenience. It is not clear how long these measures will be in place.
The police can still easily be reached via the telephone.
At least 15 Dutch hospitals were hit in ransomware attacks over the past three years, NOS reports based on a survey in which 25 hospitals participated anonymously. The hospitals insisted on staying anonymous out of fear of attracting hackers, according to the broadcaster. Another 20 hospitals refused to participate at all due to this concern.
Dutch companies, government institutions and citizens are not responding fast enough against growing digital threats, according to National Coordinator for Counterterrorism and Security Dick Schoof. At home and at work Dutch people often opt for the fastest solution, instead of the most secure one. Which means that the gap between threats and security measures is getting larger instead of smaller, Schoof said in the Netherlands Cyber Security Image 2017, ANP reports.
National school students' organization LAKS was hit in a ransomware attack that left its exam complaint website off line from 4:00 p.m. on Thursday until Friday morning. According to the organization, they were infected by WannaCry, the ransomware that infected some 200 thousand computers in 150 countries last weekend, NU.nl reports.
During the first quarter of this year, two Dutch government institutions and a company in the energy sector were infected with ransomware, AD reports based on information obtained from the National Cyber Security Center (NCSC) by appealing to the freedom of information act. Ransomware is a type of malware that blocks access to files on an infected computer. The user can regain access to the files by paying a ransom, usually demanded in bitcoins.
The Dutch police are calling on all individuals and businesses to report any form of cyber attack on their computers, following a global ransomware attack that infected at least 200 thousand computers in 150 countries since Friday, including in the Netherlands, according to NU.nl. The virus infected computers through a months-old security leak in Windows, for which Microsoft already implemented an update.
The Netherlands is the European country with the second most ransomware infections last year, according to security company Symantec's annual Internet Security Threat report. Globally the Netherlands is in 6th place, Tweakers reports.