NCTV: Risk of disruption greater due to imbalance between threat and resilience

In order to be able to function undisturbed, we must protect our society against digital threats as much as possible. Despite efforts to increase resilience, there is an imbalance with respect to the growing threat. That imbalance increases the risk of disruption, for example in the financial sector or public transport or a critical sector like potable water. This has become clear from this year’s Cyber Security Assessment Netherlands (CSAN) by the National Coordinator for Counterterrorism and Security (NCTV), which was drawn up in collaboration with the National Cyber Security Centre (NCSC).

Cyber attacks perpetrated by foreign intelligence and security services are no longer a rare occurrence. Countries use the digital domain to gain geopolitical advantages. Several EU Member States have been successfully hit by cyber attacks from Russia, and China has attacked political targets in Europe and North America on a major scale over a long period of time. However, cyber criminals are equally capable of causing major digital damage. Although criminals are chiefly financially motivated, an attack may have such a profound impact that it affects national security. In addition, states can also hire cyber criminals or tolerate or coerce others to carry out cyber attacks. The ties between states and cyber criminals recently became apparent when after the war in Ukraine started, cyber criminals who were linked to Russia declared an intent to attack opponents of Russia.

Ransomware attacks are increasingly being used that involve double or even triple extortion, which not only involves extortion of the organisation affected in the first instance, but also of its customers, partners or suppliers. The NCSC has also identified an increase in the number of zero-day vulnerabilities. Abuse of zero-day vulnerabilities can have a major impact if the vulnerability is commonly used in software or hardware. Abuse of the Cloud is also becoming increasingly common. Cloud services have become a crucial part of business processes in recent years. Failure or disruption can have major consequences for Dutch organisations and sectors.

Leave a Comment