One bright side of the large malicious ransomware attack last weekend is the fairly unique technical knowledge and practice of ethical hackers in the Netherlands. Researchers from the Dutch Institute for Vulnerability Disclosure (DIVD) found the vulnerability in Kaseya upfront and reported it to the American company as part of the responsible disclosure procedure. Unfortunately, Kaseya was not fast enough to close the leak. It did help in clear message with 'what to do in case...'. The Dutch researchers then actively scanned the internet and informed vulnerable organisations. The damage of the hack is therefore limited in the Netherlands. Read their story in BN de Stem (in Dutch).
The Dutch government would do well to appropriate this role. These digital threats will only increase in near future.
HSD and other digital security ecosystem and public private networks can provide help together with their partners.
The National Cyber Security Center (NCSC) and the Digital Trust Center (DTC) are working on a digitally secure Netherlands. If the NCSC has threat and incident information about the network and information systems of critical providers and parts of the central government, they can inform them and advise them on taking measures.
The DTC offers the non-critical business community information and advice about cybersecurity and stimulates collaboration between companies. Currently, there is not always a legal basis for the NCSC and DTC to provide threat and incident information to organistions. Those organisations are therefore not aware that their systems are vulnerable, while the NCSC or DTC do have information about this. That is why - on 26 June - a bill from Minister Grapperhaus (Justice and Security) and State Secretary Keijzer (Economic Affairs and Climate) is consulted online, which will provide a basis for providing more information. (Read more in Dutch)
In addition, The Dutch National Cyber Security Center (NCSC) started a collaboration with the website 'Have I Been Pwned?' (HIBP). As part of the announced partnership on 5 July, the government's cybersecurity team will have access to all of HIBP's databases. Read the article on Nu.nl.