NCTV: Risk of disruption greater due to imbalance between threat and resilience

In order to be able to function undisturbed, we must protect our society against digital threats as much as possible. Despite efforts to increase resilience, there is an imbalance with respect to the growing threat. That imbalance increases the risk of disruption, for example in the financial sector or public transport or a critical sector like potable water. This has become clear from this year’s Cyber Security Assessment Netherlands (CSAN) by the National Coordinator for Counterterrorism and Security (NCTV), which was drawn up in collaboration with the National Cyber Security Centre (NCSC).

Enlarge image CSAN
Image: ©Nationale Beeldbank

Cyber attacks by other countries: the new normal

Cyber attacks perpetrated by foreign intelligence and security services are no longer a rare occurrence. Countries use the digital domain to gain geopolitical advantages. Several EU Member States have been successfully hit by cyber attacks from Russia, and China has attacked political targets in Europe and North America on a major scale over a long period of time. However, cyber criminals are equally capable of causing major digital damage. Although criminals are chiefly financially motivated, an attack may have such a profound impact that it affects national security. In addition, states can also hire cyber criminals or tolerate or coerce others to carry out cyber attacks. The ties between states and cyber criminals recently became apparent when after the war in Ukraine started, cyber criminals who were linked to Russia declared an intent to attack opponents of Russia.

Ransomware, zero-days and the Cloud

Ransomware attacks are increasingly being used that involve double or even triple extortion, which not only involves extortion of the organisation affected in the first instance, but also of its customers, partners or suppliers. The NCSC has also identified an increase in the number of zero-day vulnerabilities. Abuse of zero-day vulnerabilities can have a major impact if the vulnerability is commonly used in software or hardware. Abuse of the Cloud is also becoming increasingly common. Cloud services have become a crucial part of business processes in recent years. Failure or disruption can have major consequences for Dutch organisations and sectors.

Polarisation and international conflicts: a breeding ground for hacktivists

The direct threat posed to the Netherlands by hacker collectives is small. However, a tangential threat may arise if hacktivists’ actions are misinterpreted and the countries they are attacking respond.

Cyber Strategy foundation

Each year, the CSAN provides input for policy-making at the national level. On this occasion, the CSAN forms the foundation for the new Dutch Cyber Strategy, which will be published in the autumn of 2022. For that reason, in addition to an assessment of importance, threats and resilience, six additional strategic themes have been introduced – themes that are relevant to digital security in the Netherlands both now and in the four to six years to come. They are:

  • Risks form the downside of a digitized society
  • Cyberspace is a playing field for regional and global dominance
  • Cybercrime is scalable, while resilience – for now – is not
  • Market dynamics complicate controlling digital risks
  • Coordinated and integrated risk management is still in its infancy
  • Restrictions in digital autonomy also restrict resilience.

More information on these themes can be found in the infographic.

Enlarge image Infographic Cyber Security Assessment Netherlands 2022