Are the Dutch insufficiently prepared for cyber attacks?

Dutch public and private organisations are not sufficiently protected against cyber threats. This is the conclusion of a study performed by the Rathenau Institute and Dialogic.

The Netherlands is one of the most ICT-intensive economies in the world, and an attractive target for cyber criminals. The largest threat consists of foreign intelligence agencies who gather and manipulate political, technological and military information at large scale. We also see that cybercrime is increasingly available as a service and therefore increasingly accessible to a large group of criminals.

In the fight against increasingly sophisticated attack methods used by cyber criminals, further concrete action is required. Dialogic conducted a trend analysis and an international comparison, in which it examined a number of major cyber attacks: cyber fraud, ransomware, digital espionage and DDoS. The main findings are the following:

  • Digital espionage is currently the greatest danger, and will remain so for the time being. Attackers have access to a lot of resources so that they can make use of advanced tools. Against these advanced tools, which often use zero-day vulnerabilities, protection remains barely possible.
  •  Cyber Fraud on the other hand seems to be under control. Banks have taken several measures to increase resilience, including information campaigns targeted at the public, which prove to be very effective. The damage caused by fraud in online banking has fallen from almost 35 million euros in 2012 to less than 5 million euros in 2014.
  •  Ransomware and DDoS have undergone rapid development in recent years and cause more damage than ever. This is mainly due to the rise of as-a-service models that criminals also can perform with little money and without extensive knowledge attacks.
  • The emergence of the Internet of Things amplifies the threat of DDoS’es. More and more devices are connected to the Internet, but the security of these devices is often in order.Cybercriminals can hack these devices and use them to mount a DDoS attack.

Download the full report here (Dutch).