Top Dutch cyber official Hans de Vries on cyber defense in times of war

Avatar

Hans de Vries is the director of the National Cyber Security Center in the Netherlands and is one of the forces behind The Hague’s ONE Conference, one of Europe’s largest cybersecurity events. He recently announced he will be retiring and stepping down from his post at the end of the year. The Record’s Dina Temple-Raston and a small group of reporters sat down with him on the fringes of the conference to talk about how the war in Ukraine is affecting the European cybersecurity landscape.

The discussion was edited and condensed for clarity.

DINA TEMPLE-RASTON: How is the war in Ukraine making itself felt in the Netherlands? Are you seeing an increase in the tempo of attacks?

HANS de VRIES: We are currently, as the Netherlands, not affected, in the sense that we do not see attacks directly on Dutch infrastructure, focusing on Dutch companies. We continually scan for that, but we don’t see that.

What you do see is that sometimes the infrastructure from the Netherlands or elsewhere is being misused to do attacks on the other side. But that’s not so common for us to see for the simple reason that I’m not really allowed to look into those systems [as director of the NCSC]. I don’t have the legal abilities to do that type of work. But sometimes we do get information and say, hey, this is odd.

Sometimes we have questions coming from Ukraine asking, ‘Can you do this?’ Or we do data analysis for them. So we help with that kind of work. We don’t normally don’t talk about that, of course.

DTR: You recently had a tabletop exercise called Blue Olex with European partners — can you talk about that? What did you learn?

HdV: It was an international exercise run by the European Commission and ENISA, which was really interesting because, of course it’s a theoretical exercise, but it brings together how we organize and we react in what we’d call crisis situations. And it was really interesting because you see not only the necessity of having standard operating procedures, how to act, but also how different language and explanations are when there is an incident.

DTR: One of the keynote speakers at the One Conference, Lorena Boix-Alonso from the European Commission, said there were lots of lessons learned from the conflict in Ukraine but didn’t get specific. If you were to talk about lessons learned, what are they?

HdV: I think there are a few. The first is that commercial organizations are more, much more able to adapt very quickly in dealing with incidents like this than governments. Simple decision, shall we help, takes days. A company just decides, we go, which is much, much faster.

Second is that being in the cloud is more safe than being on premise. It’s definitely something. And yes, of course, cloud security is definitely something you sometimes have to worry about but it can’t be bombed.

We’ve seen that the private sector is much more adaptable than we are. And that’s painful to say but that’s the truth. And, well the third one is, of course, Starlink has saved the day.

DTR: Even if it might be subject to the whims of one man [Elon Musk]?

HdV: That’s true now, but at that time when he said ‘We’re going to provide it…’ It was a life saver. I’m too far away to really understand what’s happening. Yeah. I just say if you look at the first phase, it was crucial.

DTR: To bring it closer to home, the International Criminal Court in The Hague was hacked a few weeks ago. Can you talk a little bit about that?

HdV: Um, no.

DTR: Can you make me smarter about that?

HdV: Well, we [NCSC] helped.

DTR: You helped?

HdV: After the fact, of course. Within the Dutch cyber… We organized. We coordinated. That’s what we did, we coordinated. Okay. So if I need specific types of information or coordination, we bring that in. So if it is specific police information, etc.,we bring that in, we combine people.

We try to organize because you don’t want to swarm an organization that is being hacked. That’s really off the scale. Seven different organizations each asking a specific question for their means. It really is not helpful. But we try to help. And I think that they’ve, uh, really appreciated our help.

DTR: Have they recovered from it now?

HdV: I can’t discuss it.

DTR: Can you characterize how serious an attack it was?

HdV: I won’t characterize it as a medium, small or large thing, and I’m not able to comment about that. Hacking the ministry of whatever is bad. Hacking the ANWB or the football association is bad. There’s so many bad ones that I cannot say this is worse than the other.

But for any organization, it’s not a good thing if things happen in such a case.

GovernmentLeadershipPeopleNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Dina Temple-Raston is the host and executive producer of the Click Here podcast as well as a senior correspondent at Recorded Future News. She previously served on NPR’s Investigations team focusing on breaking news stories and national security, technology, and social justice and hosted and created the award-winning Audible Podcast “What Were You Thinking.”

 

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Blackbaud agrees to $49.5 million settlement with AGs of nearly all 50 states

Next Post

Cyberattack on British telecom Lyca prevented customers from making calls, topping up

Related Posts

Apple accuses UK gov’t of ‘unprecedented overreach’ on privacy

In the name of security, the UK government may well have put a cybersecurity target on the nation’s back, with Apple once again warning that proposed changes to the Investigatory Powers Act 2016 are a “serious and direct threat to data security and information privacy.“We are deeply concerned about the amendments to the Investigatory Powers Bill currently before Parliament, which will put the privacy and security of users at risk," Apple said in a statement. “This is an unprecedented overreach by the government and, if implemented, the UK new user protections could be secretly vetoed globally, preventing us from ever delivering them to customers.”To read this article in full, please click here
Jason Macuray
Read More

For Patch Tuesday, 48 updates, no zero-day flaws

Microsoft has eased us into the new new year with just 48 updates for the Windows, Office and .NET platforms. There were no zero-days for January, and no reports of publicly exposed vulnerabilities or exploited security issues.Developers of complex, line-of-business applications might need to pay particular attention to how Microsoft has updated the Message Queue system. Printing has been patched and minor updates to bluetooth and Windows shell sub-systems (shortcuts and wallpaper) require some testing before deployment.The team at Readiness has crafted a useful infographic that outlines the risks associated with each of the updates for this January release.To read this article in full, please click here
Avatar
Read More