The VDL industry group faces a choice: pay the criminals millions, or try to get their systems back up and running. That’s what Job Kuijpers from cybersecurity firm EYE says to Omrup Brabant. According to him, the company will almost certainly be a victim of ransomware, also known as ransomware. VDL has been struggling with a cyber attack since Wednesday night, rendering the systems partially unusable. This damage also runs into the millions.
Kuijpers asserts that he is not involved in the case, but that with his knowledge of cyber security he can make an assessment of the situation. “In such cases, it often includes ransomware.”
According to Kuijpers, there are roughly two options in the event of a cyber attack. The first option is to steal data that is then sold, often including large numbers of credit card details or sensitive (privacy-specific) information.
The other option is that the victim’s systems are rendered useless and the company cannot go back to work until it pays the criminals, the “ransom” can be very high. The latter is most likely the case in the VDL. Dave Maasland of the security firm ESET Netherlands also hypothesizes a ransomware attack: “In this case it looks like it is.”
In the millions
The amount of money required in these cases varies. Kuijpers: “The amount is often significantly low in small businesses, because criminals want to be paid. The company can also consider fixing their systems themselves and not being paid.”
In the case of the VDL, this is likely not the case. “The VDL is a tad too big, if you look at similar cases, often into the millions,” Kuijpers says. There is also a loss of business volume that VDL suffers from. Dave Maasland gives a rough estimate: “VDL has an annual turnover of 4.7 billion, which is roughly 13 million a day. If many factories are closed, you’re quickly talking about millions of lost sales per day.”
700% more attacks
How do criminals manage to get to such a “big boy”? According to Kuijpers, this usually happens via an automated process, where computers look for weaknesses in the system. Another option is to send employees emails containing malicious links. But in most cases, it has to do with software vulnerabilities that are being abused.
What is certain is that the VDL will certainly not be the last to be affected by this. “Ransomware is a huge problem, the number of attacks has increased by 700% in the last year.” Therefore, good security is also essential for small and medium businesses. The latter group is particularly affected and the government provides little support to this group and does not have sufficient insight into the extent of what can now be called a national disaster. Organizations like the National Cyber Security Center (NCSC) have insufficient budget and mandate, and municipalities in particular hardly play a role in properly supporting SMEs with this problem.
Did you see an error or comment on this article? Please contact us.
“Lifelong zombie fanatic. Hardcore web practitioner. Thinker. Music expert. Unapologetic pop culture scholar.”