Cyber attack takes down Dutch government sites Published duration 12 February 2015

image copyright Thinkstock

A cyber-attack took down most of the Dutch government's websites on Tuesday, it has been confirmed.

The attack, which also took down some private sites, highlighted the vulnerability of public infrastructure.

It came as the US beefed up its defences, and followed warnings that sites belonging to the French authorities had been targeted.

Dutch MPs demanded that the government ensures state sites were capable of withstanding similar attacks in future.

In a statement, the Dutch government confirmed that it had been the victim of a distributed denial of service attack (DDoS), in which servers are flooded with traffic, causing the sites to fail to load.

Investigators were looking into the attack "together with the people from the National Centre for Cyber-Security", said Rimbert Kloosterman, an official at the Dutch Government Information Service, which runs the affected websites.

In a statement, the government said that the sites had gone down at 10:00 local time (09:00 GMT) on Tuesday and "lasted into the evening".

Complex problem

Other websites, including GeenStijl.nl, a popular portal that mocks politicians and religions, had been hit by the DDoS, said Mr Kloosterman.

Communications provider Telford had also been affected.

The complexity and size of the government's many websites had rendered the back-up useless, he added.

The problem affected most of the central government's major websites, which provide information to the public and the media, but phones and emergency communication channels remained online.

Prolocation, the government website's host, said the attack had been a "complex" problem and that its phone lines had also gone down.

"The initial symptoms pointed first to a technical problem, but it then emerged we were facing an attack from the outside," the company said in a statement.

'Greater risk'

But one computer security expert doubted that such an attack could have been hard to identify. "If you face a DDoS, you know it," said Delft Technical University cyber-security specialist Christian Doerr.

Dave Larson, of Corero Network Security, said: "As enterprises increasingly rely on hosted critical infrastructure or services, they are placing themselves at even greater risk from these devastating cyber-threats - even as an indirect target."

He added that DDoS attacks were "increasingly being used as a smokescreen to hide even more malicious activity on the network".

Defences

On the same day as the Dutch attack, the US government announced the launch of an intelligence unit to coordinate analysis of cyber-threats, modelled on similar efforts to fight terrorism.

The Cyber Threat Intelligence Integration Center would fill "gaps" in the country's defences by rapidly pooling and disseminating data on breaches, it said.

In January, following attacks by Islamist militants in Paris, in which 17 people were murdered, French authorities said they had "decided to boost... security vigilance" after a series of cyber-attacks directed at French army regiments among others.