third Cyber Security Assessment Netherlands - NCSC
third Cyber Security Assessment Netherlands - NCSC
third Cyber Security Assessment Netherlands - NCSC
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
(variations of ) DDoS and defacement. Finally, botnets are an<br />
important tool for various actors.<br />
The greatest threat at the moment for governments is aimed at the<br />
importance of the confidentiality of information (particularly<br />
against espionage) and continuity of online services (including<br />
generic services) and their own IT. This threat comes from a number<br />
of sides: states, professional criminals, hacktivists and cyber<br />
vandals/script kiddies.<br />
The most important threat for the business community concerns<br />
espionage aimed at information that is sensitive to competition and<br />
of the abuse of financial data for the purpose of theft of monetary<br />
values. This also happens through the manipulation of information<br />
in the form of changes made to (bank) transactions. An important<br />
threat that has increased over the past year is that of disruption of<br />
online services particularly for businesses that provide vital online<br />
services. Moreover, business information of all types is stolen by<br />
several different groups of actors for their own use, for publication<br />
or for selling on to <strong>third</strong> parties. Examples include client data or<br />
information about the IT provisions in businesses.<br />
The number of incidents handled by the <strong>NCSC</strong> increased significantly<br />
during the reporting period. The main reason for this<br />
increase is that as from 5 January 2012 private parties are now also<br />
served by the <strong>NCSC</strong>. In the nature of the incidents involving the<br />
government there has been a relative increase in malware infections<br />
(+13 per cent) and hacking attempts (+5 per cent).<br />
Finding out about the Pobelka botnet provided insight into the<br />
large numbers of infected computers and the quantity of the leaked<br />
data by means of a botnet that had remained undetected up to that<br />
time. There are probably many more undetected botnets. This also<br />
shows that the measures currently available for detecting this type<br />
of attack are not sufficient.<br />
Basic provisions have been the target of attacks in recent times.<br />
These include the attacks on iDeal and DigiD that made online<br />
payments in web shops temporarily impossible and logging into<br />
government services inaccessible, respectively. «<br />
Citizens are affected by identity fraud and blackmail. Citizens<br />
become involved when it is their data that is stolen, published, sold<br />
or misused. Even when the information is stolen directly from<br />
them, interests such as money (damage through attacks on<br />
electronic banking), privacy, availability of online services and<br />
digital identity are all affected. Citizens are particularly concerned<br />
with the protection of their own computers and electronic<br />
equipment against malware and ransomware. Citizens are affected<br />
indirectly when they are involved in a cyber attack through their<br />
own IT becoming part of a botnet.<br />
50