Not only the Public Prosecution Service, other Dutch organizations were probably attacked by cyber criminals through a gap in the security of the widely used Citrix software. That reports The National Cyber Security Center (NCSC) Tuesday. The body did not announce which organizations are involved. It is also not known whether the cyber criminals are still active.
Citrix does not provide ordinary servers and software: it offers access to networks of, for example, government services and universities. There is a mistake in that software since the beginning of May. Due to that error, according to the NCSC, “several critical organizations” were attacked in the Netherlands.
Citrix has since released updates so that organizations that use the software can close the gap in their security. Yet, according to the NCSC, a single update is “not enough to remove the risk of abuse.” This would require even more safety measures. In addition, after the attacks, the hackers erased traces, the NCSC writes.
There are several studies on the scope and impact of the attacks. The NCSC says it works with the affected organizations to collect more information.
Public prosecutor
On July 16, the OM Het Citrix Lek tracked down. Citrix then decided to disconnect all systems from the internet. That had major consequences: the OM could not function for weeks as usual. The case law has forced to take over tasks from the OM, such as emailing with the Central Judicial Collection Agency.
The NCSC speaks of a “refined attack” on Tuesday. Due to an error in the computer code, attackers could gain access to data fragments from the network. The leak was small, but not innocent, the organization writes. By constantly gathering small bits of data, the hackers would eventually have had access to sensitive information, such as passwords.