The police will proactively approach victims of the ransomware attack by the Russian hacker group REvil in the coming period. Victims who have not yet reported the attack are requested to do so. In this way, the police and international partners hope to learn more about the criminals’ working methods.
REvil launches global supply chain attack and kills hundreds
Anyone who follows the latest developments in cybersecurity and information security will know for sure that an international supply chain attack was carried out by REvil last Friday. They abused a zero-day exploit in VSA, software from the American IT service provider Kaseya to remotely manage the servers and computer systems of customers. As a result, the hackers were able to install ransomware on hundreds of customers of the software.
According to the latest figures, there have been between 800 and 1,500 victims worldwide, in at least 17 countries. In our country, too, companies and organizations have become the victims of the Russian cyberattack. It was very close to whether ethical hackers from the Netherlands had succeeded in repelling REvil ‘s attack. “If we had had a little more time, we would have succeeded,” Wietse Boonstra and Frank Breedijk of the Dutch Institute for Vulnerability Disclosure (DIVD) told Vrij Nederland.
Police against victims: ‘File a report!’
The Dutch police say that the damage in our country has been limited. For this she thanks the volunteers of the DIVD. The stocking is not over yet. Police are currently approaching victims of the hacking attack. She calls on victims who have not yet made a report to do so. “Reports are not only important for the police, but also for its international partners, who may be more widely affected and may therefore want to conduct further investigations,” the police said.
By collecting data from multiple attacks, the police hope to learn more about REvil’s methods. “That will help detect criminals and help disrupt the criminal process in the fight against ransomware .” The police use the information from reports to prevent damage and casualties in the future.
This is how you protect yourself against hackers and cybercriminals
Matthijs Jaspers of the Cybercrime Team Oost-Brabant says that citizens and companies can take action themselves to minimize the impact of a ransomware attack. Working with a cloud supplier is a good example of this. But even that is not entirely without risk. “When such a service provider or supplier falls victim to a hack, their customers can also be affected,” says Jaspers. “In this situation, it was precisely the service provider’s customers who had to deal with ransomware. That is why it is very important to regularly back up your data and store it somewhere else, disconnected. Then you have your backups to fall back on.”
Another very effective security measure that citizens, businesses and organizations can take is setting up two-factor authentication or 2FA. Marijn Schuurbiers of the High Tech Crime Team advises to make it more difficult for cybercriminals ‘at the front’. That starts with ‘an extra lock’ on the door, as he describes 2FA. According to him, criminals immediately ignore companies that arm themselves with 2FA.
Other advice that the police give to protect yourself against hackers and cybercriminals are installing (security) updates immediately, using antivirus programs and regularly backing up data on your computer. In any case, what you should not do is pay ransom to the attackers. “Although we understand that the impact on business operations is enormous, our advice remains not to pay. In this way, this crime is financed and maintained, in fact: further developed. We literally see in studies that profits from one attack are partly invested in infrastructures of new attacks. We have to break through this chain”, says Jaspers.
‘Ransomware has an increasing impact on society
Finally, the police warn that cyber-attacks are having an increasing impact on society. Criminals are increasingly using ransomware to do this. In doing so, they not only make many victims, but they earn billions every year. Jaspers says that the police cannot fight against hackers alone and advocates cooperation with public, private and international parties. “A lot of research is also being done into this phenomenon in the private sector. By also exchanging information and knowledge with them, an increasingly complete picture of the phenomenon is created, including any weaknesses of the criminals.”
National Coordinator for Counterterrorism and Security Pieter-Jaap Aalbersberg had a similar message last week. even before the dangers of ransomware. He said ransomware is “a scourge for SMEs” and “a risk to our national security.” Due to the far-reaching digitization of our society, cyber-attacks have a major social and economic impact. Especially if companies and organizations from the vital sector are the targets. That is why it is very important to continue to pay attention to cybersecurity and digital resilience.
The government has therefore started an internet consultation on the Promotion of Digital Resilience Companies Act (Wbdwb). The core of the bill is to make it possible to share threat information with companies and organizations that are not active in the vital sector. Bodies such as the NCSC and the Digital Trust Center (DTC) are currently only allowed to pass on such information to government agencies and bodies in the critical infrastructure.
Catch up on more articles here
Follow us on Twitter here