Dutch Minister of Security and Justice Ivo Opstelten has written a letter to the parliament warning government departments and businesses about the consequences of cyber espionage. It remains the biggest security challenge and this is getting more visible.
Society’s growing state of hyper connectivity creates an IT dependence which makes us vulnerable to professional criminals and threats from other states focused on retrieving confidential data and continuity of services.
Distributed Denial of Services (DDoS) attacks have increased dramatically, and have also become more visible as was shown with the most recent attacks on Dutch banks in April earlier this year. Also, there has been an increase in identity theft and blackmail, putting money, privacy and availability of online services at stake.
Within the public and private sector initiatives have been taken to build resistance to such threats and attacks. However, many organisations still have challenges with basic measures such as patching and updating systems and improving passwords policies, making old fashioned cyber threats attacks still effective.
In reality it is the end user who carries the majority of responsibility of securing his or her ICT. It is challenging especially when confronted with vulnerabilities in devices and services one has limited influence in or knowledge about. Awareness of users is extremely important, for secure use starts with awareness.
Fast developments in this arena and the risks at stake are cause for law changes in The Netherlands empowering its National Cyber Security Centre (NCSC). Advocates claim urgency, especially because of a reported increase in espionage activities, due to government investments towards “advanced tools”. The NCSC reported to have traced these activities to Russia, China, Syria and Iran, and continue to state that the consequences of espionage are enormous; claiming the competitive advantage of certain Dutch companies is being jeopardized. Especially top sectors would be vulnerable to this, of which the economic damages in The Netherlands are difficult to estimate, but there is no doubt that its effects are great enough to disrupt the economic playing field.
In addition, criminals are evolving as well and have even developed commercial services to assist other criminals in their crimes, also referred to as “cybercrime-as-a-service”. This is cause for concern, since it lowers the criminal threshold; also protection becomes more difficult because malware is evolving faster than anti-virus programs.
Where it seems that individual organizations have their basic security in order, their shared services and infrastructure remain vulnerable, risking interests that go beyond that of the organization in question. All the more reason for ongoing look outs for cyber-threats.