Active exploitation of Zimbra vulnerability

There are signals of active exploitation of a vulnerability in Zimbra Collaboration. The vulnerability is identified as CVE-2024-45519. Researchers previously published Proof-of-Concept code, and an exploit is available. As a result, the vulnerability has been assessed as 'High/High'. This means that both the chance of misuse and the chance of damage are high.

What's the risk?

By sending a specially crafted email to a vulnerable server, an attacker can execute arbitrary code on the Zimbra server, including placing a web shell. A web shell is a script that allows an attacker to remotely access the server or execute arbitrary code.

What can I do?

Zimbra Collaboration's parent company, Synacor, has released updates to fix the vulnerabilities. The Digital Trust Center (DTC) advises installing the available security updates on Zimbra installations and, where possible, also setting up monitoring for additional abuse. If necessary, ask your IT service provider to help you with this.

The Promotion of Digital Resilience of Companies Act comes into effect

On Tuesday, October 1, 2024, the Promotion of Digital Resilience of Companies Act (Wbdwb) officially came into effect. This bill establishes the tasks and powers of the Minister of Economic Affairs (EZ) in the field of digital resilience of non-vital companies in the Netherlands. This law makes it possible for the government to share threat information that can be traced back to a specific company so that protective measures can be taken quickly.

Cause

Research by Statistics Netherlands (CBS) shows that thousands of companies - both large and small - are victims of a cyber attack every year. The Digital Trust Center (DTC) was established in 2018 within the Ministry of Economic Affairs to make non-vital Dutch businesses more resilient to cyber threats. The DTC offers general information and advice to the business community and promotes cooperation between companies in the field of digital resilience. However, there appeared to be an urgent need to inform individual companies about specific digital threats and vulnerabilities that could have a major impact on non-vital companies. That is why the House of Representatives was informed that - in anticipation of the legal basis provided by the Wbdwb - first steps are being taken to share available specific serious threat information with the companies involved via the DTC.

DTC Notification Service

Every day, the DTC receives information about vulnerable or hacked systems. If, after verification, this information is assessed as a cyber threat to a Dutch company, the DTC will issue a warning (a notification) so that the company can take action. This means that an email message is sent to the company. If the information cannot be traced back to a specific company, the network owner will be notified. In 2023, more than 140,000 notifications were made; in 2024 the counter will be more than 150,000 notifications.

DTC warned the business community 150,000 times in 2024

Companies are often notified due to a security breach or a configuration error found in devices or software connected to the internet. This may concern recently discovered vulnerabilities that are not yet actively exploited, but also long-known vulnerabilities of systems that still run on older software versions. Consider, for example, Microsoft Exchange, but also so-called 'edge devices' such as firewalls and VPN solutions. For example, the DTC notified Ivanti and Fortinet. The DTC was also able to notify companies about vulnerable Qlik Sense Servers thanks to the Melissa partnership. The DTC also notifies companies in the event of stolen company information. For example, it was able to warn Dutch organizations about leaked login details of company accounts that were recovered in the international action 'Operation Endgame'.

What does the Wbdwb regulate?

Small companies pay too little attention to their own cyber security

A third of small businesses are not taking any action to be safe online. The upcoming NIS2 guideline, which is aimed at strengthening digital and economic resilience, is still unknown to the majority of employees. And phishing is still the most common form of cybercrime in the workplace.

These are a selection of the results of the Alert Online trend research published today. On behalf of the Ministry of Economic Affairs, Ipsos I&O conducted research into the knowledge and perception of digital security among Dutch people. On this page we zoom in on some striking findings from the Business Sub-report.

Employees estimate their own knowledge about online security to be higher than in 2023

More than a quarter (27%) of employees rate their own knowledge of online security as (very) good. In 2023 this percentage was 21%. IT managers rate their knowledge higher than other employees. The share of IT managers who assess their knowledge as (very) good is 53%. On the other hand, four in ten (40%) IT managers are concerned about their own online security at work. This percentage is significantly lower for employees: 23% say they are concerned.

NIS2 guideline still unknown among the majority of employees

The NIS2 guideline for information security will come into effect from October 2024. A third (33%) of IT managers have heard of the NIS2 guideline or are well aware of it. In the sectors that fall under the NIS2 directive, 45% of IT managers are familiar with the directive. Employees within all other types of companies are less well informed: 85% have never heard of NIS2. Nine in ten are not aware that their company will (probably) fall under the directive.

A third of small businesses take no action to be safe online

Logging in in two steps is the most commonly taken action for online safe behavior at companies (employees: 38%). This measure is also mentioned most often by IT managers (54%) and employees of large companies (50%). For three out of five employees, the employer makes automatic backups of all files.

Small companies take fewer actions. Moreover, a third of these companies (32%) do not take any action to ensure safe online behavior. Large companies take proportionately more actions. At companies where agreements have been made about safe online behavior, four out of five employees find it easy to adhere to those agreements.

It is striking that small companies with fewer than 10 employees indicate more often than in 2023 that they will not take measures to ensure safe online behavior. In 2023, 19% of companies took no action at all; that percentage has now risen to 32%.

Phishing is the most common

Six in ten (58%) employees received a phishing email. This was as high as 72% among IT managers. This is the form of cybercrime that is most commonly experienced by both groups. Just as in 2023, IT managers are more likely to have to deal with various forms of cybercrime than other employees. More than half of employees would be ashamed if he or she...

Getting started with cybersecurity

Do you have no knowledge and experience yet? Then tackle the subject of cybersecurity in a practical and phased manner with the CyberSafe Check for self-employed persons and SMEs. Know within 5 minutes what you need to do today to better protect your company against cyber attacks. Download your own to-do list and get started today with our practical instructions and tips. And check whether you qualify for the My Cyber-resilient Business subsidy scheme!

FBI rolls up global bot network

Botnet contains thousands of Dutch small devices

The NCSC and Digital Trust Center (DTC) have been informed of an FBI operation. A global botnet was taken over and more than 200,000 systems that are part of this botnet were cleaned up. There are also several thousand devices in the Netherlands. This concerns a wide variety of Small Office and Home Office (SOHO) equipment; these are products such as internet modems, routers and various Internet of Things (IoT) devices.

What can you do?

Due to the FBI's cleanup campaign, these devices are no longer part of the botnet, but this does not protect the equipment against renewed infections. This requires, among other things, a software update to the equipment. Where possible, owners of affected equipment will be notified, but this only concerns part of the total number of affected devices in the Netherlands.

The NCSC therefore recommends checking SOHO equipment for updates and implementing them when an update is available. Equipment that is directly linked to the internet is unfortunately vulnerable to abuse. Maintain good basic hygiene.

knowledge products about IoT and the security of IoT systems that clearly explain what you can do to be resilient to digital threats. Research by the NCSC shows that the Internet of Things is one of the biggest challenges as part of the digital resilience of the Netherlands.

Botnet contains thousands of Dutch small devices

The NCSC and Digital Trust Center (DTC) have been informed of an advisory from the FBI, the Cyber National Mission Force (CNMF), and the National Security Agency (NSA). This advisory was written in response to a Chinese bot network of more than 200,000 devices that was discovered by these services. There are also several thousand devices in the Netherlands. This concerns a wide variety of Small Office and Home Office (SOHO) equipment; these are products such as internet modems, routers and various Internet of Things (IoT) devices.

What can you do?

Where possible, owners of affected equipment will be notified, but this only concerns part of the total number of affected devices in the Netherlands.

The NCSC therefore recommends checking SOHO equipment for updates and implementing them when an update is available. Equipment that is directly connected to the internet is unfortunately vulnerable to abuse. Maintain good basic hygiene.

knowledge products about IoT and the security of IoT systems that clearly explain what you can do to be resilient to digital threats. Research by the NCSC shows that the Internet of Things is one of the biggest challenges as part of the digital resilience of the Netherlands.
