third Cyber Security Assessment Netherlands - NCSC
Summary

The National Cyber Security Centre (NCSC) publishes
an annual Cyber Security Assessment Netherlands (CSAN)
in close collaboration with public and private parties.
The CSAN is published for policy-makers in government
and vital sectors, who use it for the insights it offers into
developments, for assessing possible measures for
increasing the digital resilience of the Netherlands,
and for improving current cyber security programmes.
CSAN-3 covers the period April 2012 to March 2013 but
also includes important developments up to the start
of May 2013.

Information Technology (IT) today is woven closely into society
and thus forms an important part of our daily lives. Access to the
internet is currently embedded in all sorts of devices: computers
and telephones, of course, but also cars, televisions, thermostats,
weighing scales and so on. This ever-increasing digitalisation
is not just for our comfort and pleasure, it is an important
driver of innovations that increase productivity and enhance
economic growth.

The risks attached to digitalisation have become all too apparent,
partly due to various incidents in the past year. IT is often vulnerable.
The way digitally stored or exchanged information is handled
gains importance every day. It makes IT and confidential information
an interesting target for people with malicious intentions,
from the criminal world right up to governments. The incidents that
took place show that many organisations do not have the digital
resilience at the level required for the risks involved. Cyber security
is therefore of increasing importance.

Core findings

The most important findings of CSAN-3 are as follows:

1. Several trends show considerable IT dependence, rising fast due
   to advances such as hyperconnectivity, cloud computing and the
   ease with which the internet is used as an enabler. The potential
   impact of incidents occurring is all the more obvious.
2. Digital espionage and cyber crime remain the biggest threats to
   both government and the business community. This concerns:
   a) Digital espionage originating from a foreign state, aimed
      at government and the business community. Activities have
      been identified originating from, among other countries,
      China, Russia, Iran, and Syria.
   b) IT takeovers by criminals by means of malware infections,
      aimed at government, the business community and
      citizens. Criminals are becoming more daring in their ways
      of earning money quickly, for example, phoning citizens,
      or confronting them with shocking images in ransomware.
   c) Manipulation of information (fraud) by criminals, aimed
      at the business community, most obviously internet
      banking fraud, which victimises both banks and citizens.
3. States can develop and deploy advanced tools, while cyber
   criminals continue to develop their existing tools. Clearly visible
   in the past year has been the rise of a commercially available
   cyber services sector, ‘cyber crime as a service’, which offers far
   easier access to criminal tools to various parties.
4. Citizens, businesses, and governments alike are regular victims
   of botnets and ransomware. Malware can mutate so quickly
   that anti-virus programs are unable to even detect its presence.
   Although botnets are mainly used to manipulate (financial)
   transactions, certain incidents (such as Pobelka) show that
   the collateral damage of information stolen through botnets
   can be enormous.
5. The IT sector continues to be vulnerable. Following a few years
   of reduced levels, the number of openly published vulnerabilities
   in software is increasing again. Cloud services, mobile
   services and innovative devices all result in new vulnerabilities.
6. The end-user is burdened with a big responsibility for security,
   but more often than not has little influence or even knowledge
   of the vulnerabilities he confronts in the devices and services.
7. Public and private parties are starting up initiatives, both
   separately and together, to increase digital resilience and
   in anticipation of the ever-increasing dependence on IT and
   changing threats. The effectiveness of these initiatives can only
   be measured in the long term.
8. Disruption in the IT sector is displayed publicly, particularly
   when it comes from Distributed Denial of Service (DDoS)
   attacks. Resilience has been inadequate at times, which led
   to a decline in the availability of online services provided
   by organisations. In addition, DDoS attacks disrupted basic
   services such as DigiD and iDeal, and this had a chain effect