By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Various Dutch companies have been hit by advanced hostage software. This appears from a confidential report from the National Cyber ​​Security Center, which is in the hands of the NOS. Which companies are involved is unknown, as is the number of affected Dutch companies. Worldwide there are at least 1800 affected companies and the number of Dutch companies is a relatively small part, writes the NCSC. But the consequences can be huge. The actual number of affected companies is probably much larger than the figures indicate, the NCSC also writes. The attackers focus on large companies, for example in the automotive industry, construction, and chemistry, but also on hospitals, chain stores, and entertainment companies. It usually concerns companies with millions or billions of sales. Dutch branches of multinationals have also been hit, including those of an American chemical company. Moreover, that company is an important supplier of critical infrastructure in the Netherlands. This includes, among other things, drinking water, internet access, and energy. "We conducted this investigation following disruptive ransomware attacks abroad," a spokesperson for the NCSC confirms. The attack campaign probably started in July last year. The NCSC suspects that the attackers had access to so-called zero-day vulnerabilities. These are powerful digital weapons, for which there is not yet a good solution and which are therefore very effective. "That indicates that it is a professional criminal organization," says cybersecurity expert Frank Groenewegen of Fox-IT. "In terms of level, they are comparable to drug criminals who have their own rocket launchers. By the way, they don't need those digital rocket launchers in many cases, because the security of many companies is so poor." The NCSC considers it 'not unlikely' that the government and the critical infrastructure will eventually suffer from the conscious ransomware attack. In other countries, these sectors have already been targeted, but the government and critical infrastructure could also suffer from ransomware at suppliers. The attackers work ingeniously and sometimes have been in the network for months until they are noticed. In some cases, companies failed to track down the attackers, even after they knew they had been hacked. In an unknown number of cases, the NCSC was able to inform an affected organization in time; he could then intervene before the ransomware was activated. In other cases, it was too late and victims were forced to pay. This sometimes involved millions of euros. Such amounts have also been paid in the Netherlands. If companies do not pay, the financial damage can occur. Companies standstill and cannot produce anything while the bills keep coming in. There is a fear that the attackers will focus on more than just the spread of ransomware. At some affected companies, a lot of data was channeled away; this could involve corporate espionage or other forms of espionage. It is also possible to break in to subsequently commit sabotage. Follow this news on OUR Forum.

 

Translate