Third Cyber Security Assessment Netherlands - NCSC
In 2012, ACM received a total of 143 reports in the context of the duty to report. [38: OPTA 2013]
»» In 60 per cent of the reports, the incident had no effect on customers’ privacy. For example there was a stolen laptop on which customer data was stored in such a way that it could not be read.
»» Seven of the reports concerned a computer virus or a hacker who had gained access to a company’s computers.
»» Regarding 39 of the reports, the company had informed its customers. If customers are informed, they are able to prevent or limit possible consequential damage.
Following reports, OPTA in 2012 actively checked that malware was spread through legitimate websites and then helped with the mitigation
In addition, the ACM is responsible for protecting end-users against data from their peripherals being posted or read without consent. Both malware and cookies fall within this legal stipulation as set out in article 11.7a of the Telecommunications Act (Tw). Where possible, the ACM responds to indications of (large-scale) malware spreading in the Netherlands, as happened multiple times in 2012 with the advertising networks of popular Dutch websites. The ACM then tries to detect the source as quickly as possible and help to stop the spread. The ACM does not actively monitor the spreading of malware; instead, its approach depends on indications from public and private partners, and it is continually seeking opportunities to reinforce its information position.
This will enable infected computers to be identified more quickly and customers to be better and more quickly informed.
In accordance with the duty to report under the Telecoms Act, ISPs will also actively inform customers (and end-users) of the risks of using the internet. This will happen by sending out newsletters, through a webpage with information about secure internet use, or through a Twitter account/Facebook page allowing end-users to contact the service desk with any questions.
8.5.3 (Software) providers<br />
The role of providers is principally restricted to making updates of products and software available. A primary role for providers is to develop and bring out products and software that better protect the end-user (Security by design).
8.5.4 Banks<br />
Banks provide extensive explanation on their websites about how criminals carry out attacks, what security measures the banks have implemented and how customers can secure their devices as effectively as possible. [216] Banks inform their customers when they have become infected with banking malware that has allowed criminals to take money. In addition, the Dutch Association of Banks (NVB) has set up an awareness-raising website [217] that makes active reference to the risks of (spear) phishing in messages on television and radio. Banks are implementing mechanisms to restrict the effects of abuse. Geo-blocking, for example, ensures that a skimmed bank card cannot be used outside the user’s usual geographical area. «
As well as carrying out investigations, the ACM seeks active collaboration with (inter)national public and private parties. In 2012, this collaboration resulted in approximately 100 indications, the majority of which were properly followed up.
8.5.2 Internet service and hosting providers<br />
As best practice, the internet service and hosting providers in the Netherlands have set up abuse desks where information concerning infections among customers can be reported. The providers subsequently consider for themselves whether and how end-users are informed. To address the botnet problem jointly, several providers in the Netherlands, together with SIDN and the ECP-NL Platform for Internet Security (PIV), have launched an Abuse Information Exchange initiative. The Abuse Information Exchange [215] will become operational in 2013 and will collate and process all information concerning botnet infections in one central point.
215 http://www.rijksoverheid.nl/nieuws/2012/10/24/internetproviders-strijden-tegencomputervirussen.html
216 www.ing.nl/de-ing/veilig-bankieren/index.aspx, www.abnamro.nl/nl/prive/abnamro/veiligheid/index.html, www.rabobank.nl/particulieren/servicemenu/veilig_bankieren/, www.snsbank.nl/particulier/over-sns-bank/veilig-bankieren.html
217 http://www.veiligbankieren.nl/nl/