info(at)dizzrupt.nl
Blog Post
Edgar Versteeg • 13 June 2018

The most striking conclusions

This week the Dutch National Coordinator for Security and Counterterrorism published it’s yearly report ‘ Cybersecuritybeeld Nederland 2018’. The most important conclusion is anything but reassuring ‘The scale and seriousness of the digital threat in the Netherlands are still considerable and continue to evolve. There is a continuous digital threat to national security. The subtitel is less concealing ‘Attackers successful due to lack of basic measures’.

The Dutch society and economy have become completely dependent on digital resources. The consequences of attacks and dropouts can be large and even disruptive.How is possible that we take so few countermeasures against cybercrime? First an overview of the most important findings.

Sabotage and disruption by states greatest threat to national security

The report states on the basis of geopolitical motives, states are increasingly resorting to digital attacks on other countries, organizations or individuals. They aim to acquire strategic information through espionage, influencing public opinion or democratic processes and disruption or even sabotage of vital systems. Last week the FBI published a warning to reboot your router, related to a VPNFilter

malware which was also mentioned by Bruce Schneider in his blogpost. Altought it’s not proven the complexitity of the code involved indicates the involvement of state actors. These kind of advanced malware and persistent threats are a growing threat in the rat race between states and cyber criminals.

Attackers remain successful due to lack of basic measures

Apart from very sophisticated attack methods most organizations are still successfully attacked with simple methods. Updates of the lastest code and software agains vulnerabilities are simply forgotten or not even on the agenda. Patching and system hardening is very important to do, but clearly stil not everyone is convinced about these basis principles of IT security.

Cyber attacks are very profitable and easy to implement and come with little risks for the attacker. Unsafe products eg. IoT devices and services are a fundamental cause of many incidents. The call for security standards and regulations for IoT devices is getting louder and louder.

Main conclusions


  1. State actors are considered to cause the greatest threat. In the past year the world was startled by sophisticated attacks a WannaCry and Petya which caused a huge damage all around the world.
  2. Supplier chains increase vulnerability; a clear example was NotPetya that spread through an update of Ukrainian accounting software.
  3. A range of actors (state, criminal, hactivist) is extremely interested in stealing personal data. This is also noteworthy as since 25thof May the GDPR is now effective, which means that if a company has not taken adequate measures it could face a serious fine.
  4. The threat of terrorists and hacktivists seems stable
  5. Cybercrime as a service, attack facilitators, increase accessibility of attack methods. On the one hand, these are criminals who trade stolen information, such as credit card data or personal data, for financial gain. They sell information that can then be used for an attack. On the other hand, these are actors who realize facilities for attackers, for example by renting out botnets.

If you read the reports of the NCSC year on year, it shows to my opinion that the main threats remain stable although the upcoming state actors should be a main concern to us all. The attacks become more and more sophisticated which makes it more difficult to prevent. What makes that many are still ignorant about the threat of cybercrime. As members of a digital society we should all become more and more aware of the risk of cybercriminals and educate ourselves in this topic. This week the Dutch Government launched the Digital Trust Centerto support SME entrepreneurs. Entrepreneus can now call the DTC for practical information and advice on cybercrime related topics as they publish regularly practical tips as guidance. The community of information security professionals is growing and are quite cooperative and willing to help. If you feel uncomfortable do not hesitate and ask an expert for guidance!

You can download the full NCSC report here.

Pig butchering an online romance scam explained

by Edgar Versteeg 12 March 2024
An growing online romance scam named as pig butchering explained

Transforming the world of mobility

by Edgar Versteeg 12 October 2023
"Driving the Shift from an Analog to Digital business model in mobility"

Empowering SMEs with Cybersecurity Awareness

by Edgar Versteeg 17 September 2021
"How to make small and medium enterprises aware of the power of cybersecurity"

Social Energy Networks

by Edgar Versteeg 25 November 2020
How to trigger consumers and prosumer to rethink their relationship with energy?

Keynote about blockchain technology

by Edgar Versteeg 14 February 2024
In February 2019 I was asked to provide a keynote to the staff of DIQQ and Q-GRP about the potential of blockchain technology. Below is a short summary of my talk. What is blockchain, and what are the benefits? In my view, the power of blockchain consists of three elements. Blockchain is a new technology that enables participants in a distributed network to securely exchange data. Network security is protected by applying cryptography. A well-known definition is a shared ledger containing all network transactions, accessible to everyone. This database offers maximum transparency, unlike other databases that are often shielded. Data and network security are maintained through cryptography, making it impossible to hack a blockchain or manipulate data. Today, cybersecurity is a significant concern, and when you look at well-known hacks (e.g., Mt Gox), you'll see that hackers targeted the exchange platform or wallet but not the blockchain technology itself. Blockchain technology lacks value without an ecosystem for sharing data. Its strength lies in being open-source technology, allowing anyone to contribute to the ecosystem. Additionally, in the decentralized network, peer-to-peer exchange of 'data' or 'value' is possible, a particularly powerful feature. No central authority or middleman is required, allowing for significant efficiency gains. Moreover, crypto-economics or game theory plays a crucial role in blockchain. This involves protecting the network by considering 'rules' and 'adversarial thinking' (‘What could participants do to disrupt the network?’). Designing the ecosystem and desired and undesired behaviors among all (decentralized) participants can be encoded using incentive mechanisms (tokenization and smart contracts), which holds great potential. The interplay between a well-designed ecosystem, game theory's design patterns, and applying cryptography to concrete customer needs or use cases determine blockchain's success. Blockchain in Practice Blockchain is a powerful technology applicable in various forms, often combined with existing technology. Experimentation with various blockchain applications is underway worldwide, focusing on creating value for customers and sharing information transparently and efficiently with chain partners. A well-known example is bitcoin, which can be viewed as an alternative economic system. The bitcoin network is supported by participants, with cryptography protecting the network and facilitating value transfer. Unlike the euro, there is no central party influencing the operation of bitcoin or the ecosystem. This brings several benefits. However, the governance of a blockchain ecosystem is crucial to prevent undesirable behavior, given the atmosphere of 'get rich quick' schemes and fraud surrounding crypto. Worldwide experimentation with blockchain applications is ongoing, with the potential to significantly disrupt existing platforms like Uber, Netflix, and Facebook. Smart Contract A smart contract involves programming transactions occurring on a blockchain. A blockchain can carry value (e.g., bitcoin), which is automatically disbursed when a transaction meets certain conditions. This means processes in the financial, legal, and logistics sectors can be significantly optimized, requiring fewer human interventions to monitor network transactions. Many startups and corporates are developing blockchain applications with the potential to have a substantial impact on the increasingly digitized world. Maturity Blockchain technology is still in its infancy. After the hype in 2017 and early 2018, things have settled down. Blockchain's strength lies in its ability to carry value (e.g., a cryptocurrency) and program desired behavior in the ecosystem, such as tokenization and the application of smart contracts. Although the value of various cryptocurrencies like bitcoin has significantly declined recently, many companies continue to experiment with blockchain technology with conviction. In short, the technology is still evolving, and finding the right use cases or product-market combination remains a challenge. In my role as a product owner, this is what makes my work so challenging! The full article can be read [In Dutch] on the DIQQ website

Are we on the eve of the blockchain breakthrough?

by Edgar Versteeg 19 August 2019
In the past months, there were some interesting markers which I would like to share with you which could potentially indicate fundamental changes in the blockchain ecosystem.

Odyssey hackathon

by Edgar Versteeg 18 April 2019
Winner of the 2nd prize in the hackathon focused on the inclusive finance

Tracking the trends that steer our industry

by Edgar Versteeg 11 April 2019
Trends around blockchain that steer the automotive industry

Do you fall for the tricks of internet scammers?

by Edgar Versteeg 18 March 2019
Test your online security awareness

Cybersecurity for start-ups

by Edgar Versteeg 11 July 2018
Cybersecurity is an essential element to take care of building your startup or enterprise. Read my top 5 recommendations to start with today when it comes to security measures for start-ups.
More posts
Share by: