Because of its vital function, the Port of Rotterdam is an interesting target for hackers. The war in Ukraine has increased the risk of cyber attacks. "Saboteurs can bring down an entire logistics chain with the push of a button. That has an impact on the whole world." So said Frank Breedijk, cyber security specialist at IT company Schuberg Philis, during the 40th edition of the Port Congress, according to the Rijnmond news medium.
A disruption in critical computer systems can have "disastrous consequences," according to Breedijk. The cyberattack on Danish transport and energy company Maersk demonstrates this well. The company's computer systems were brought down by ransomware in 2017. For weeks, goods could not be processed and the Port of Rotterdam had to close two terminals. This attack caused Maersk 200 million euros in damages.
The image of a hacker working alone and reaping all the proceeds of a cyber attack is outdated, according to Breedijk. "These are well-organized gangs like those in drug crime. Including professional negotiators, data managers and even a help desk that advises you how best to pay the ransom: in bitcoin or other crypto-currencies."
Cybersecurity experts stress that cybercriminals are out for money. Hackers working for a foreign government-the so-called state hackers-have other goals. They try to steal as much sensitive or confidential data as possible. Or they try to wing crucial or vital infrastructure. Regions with a lot of economic activity, such as the port of Rotterdam, are therefore particularly at risk.
Despite the increased risk, Breedijk sees no increase in the number of cyber attacks on Dutch vital sectors. Why this is not the case, he cannot say. "Is it because the Russians are focusing on Ukraine so they don't have time for attacks on other countries? Or do they reason: 'if we break it we won't have it ourselves.' Maybe they are already in our computer systems and listening in?"
Evelien Bras of the Rotterdam cyber organization FERM fears that hackers have already penetrated the computer systems of the Port of Rotterdam and are waiting for the right moment to strike. At the same time, she is convinced that the IT departments of the Rotterdam port's key partners have their cybersecurity in order.
Bras is more concerned about small and medium-sized businesses. "They often have less expertise in-house and sometimes set other priorities. This makes them vulnerable and can drag the whole chain down with them if they are attacked." She calls on companies operating in the industrial port cluster to join the Rotterdam cyber network FERM.
Breedijk advises port companies to better protect their computer systems from hackers and cybercriminals. He recommends proper segregation in the company infrastructure (Zero Trust policy). It is also wise to regularly update systems, make backups and apply two-factor authentication. "If they can't access it, they can't steal it. You really don't need the best lock on your door, but one that's better than your neighbor's. Patch, patch, patch: that's what you need to do a lot and often with anything that is vulnerable and accessible to others."
Furthermore, Breedijk suggests working out a crisis plan in case you unexpectedly become a victim of a hacker. In that case, it is wise to bring in a professional negotiator to talk to the perpetrators. "Victims see their years of work lost in minutes when the screen goes black. At that point, you can no longer think rationally and are willing to pay the top price. We advise not to do that because in doing so you perpetuate criminal blackmail."
Finally, he advocates sharing stories among themselves. "There is a lot of embarrassment among victims to share their stories. Understandable, because you want to get on with your business as quickly as possible and not be put on the map in a negative way. But with good 'basic hygiene,' you can prevent a lot of misery," said the cybersecurity specialist.
Since the beginning of the Russian invasion of Ukraine, the National Cyber Security Center (NCSC) has been closely monitoring the situation. In late March, the agency noted that no digital attacks from Russia had yet been launched against our country. At the same time, the NCSC issued a warning: "The situation may be different tomorrow; we do not rule out attacks and their possible consequences on the Netherlands." The advice to be vigilant for Russian cyber attacks has not changed since then.