The Cyber Security Council, the advisory body of the Cabinet when it comes to cyber security, wants more companies to be notified of a cyber attack, rather than just the vital sectors. According to Ron Moss, a member of the Council, the loss of Petya attack could have been less if companies such as APM Terminals and parcel TNT were warned before, let it faces BNR know.
In the case of the Petya-ransomware though there were no signs or information that the attack would take place, and the news was known until the outbreak had occurred. "If the attacks take place, then the damage is already done, then there is not much point to inform," said Ronald Prins of security firm Fox-IT. He points to the outbreak of the WannaCry-ransomware, which spread very rapidly. "And so there was no warning as possible."
D66 MP Kees Verhoeven endorses the opinion of the Cyber Security Council and wants the government will implement it. "There could be considered a National Computer Emergency Response Team. A team which companies can exchange knowledge and information about cyber attacks." According to Verhoeven should be informed on the one hand on attacks and malware, but companies have on the other hand are structurally better prepared. "This is largely the responsibility of the companies themselves, but the government can play a supporting role. We have the National Cyber Security Center. The infrastructure to do it so, but apparently works not yet."
Update
The opinion of the Cyber Security Council has now been published online ( pdf ). It calls for a nationwide system of information centers for information exchange covering all Dutch businesses. In addition, suppliers must of internet products and services have an active stance when it comes to offering safe products and have to do the simple declaration to cybercrime to the police.
No comments:
Post a Comment