After two weeks, still crisis at hacked municipality
The municipality of Hof van Twente is expected to suffer from the attack on its ICT systems for another six months. A lot of sensitive data has been taken hostage. The acute crisis at the Hof van Twente municipality seems to have been overcome two weeks after the devastating hack, but full recovery will take a long time.
What have the hackers done?
Unknown hackers destroyed the network of the Hof van Twente municipality in the first week of December. They destroyed computer servers and at the same time encrypted the backups. The municipality can ransom the files for a fee. Otherwise, sensitive data - including citizens' data - is likely to be lost forever. The hackers did not use special ransomware for this, but normal encryption programs, says Arwi van der Sluijs. He is director of the cyber security company NFIR, which is investigating the hack on behalf of the municipality. “They get into the network more easily. On the other hand, the hackers have a bit more work to encrypt. That is a choice, but it is very effective. And on the other hand, if you pay the ransom, you are also almost certain that the files can be decrypted. ”
What are the consequences for the municipality?
The impact on the municipality is significant, says mayor Ellen Nauta (CDA). Sensitive data has been lost and services are slowly getting started. Not all systems were affected. Files in the cloud remained out of reach of the hackers. “You also want to use the municipal personal records database, your e-mail is out. The financial administration, all that sort of thing. We are now slowly restarting that.” In some places it is still a crisis two weeks after the hack, says Nauta. For example, the annual accounts still have to be drawn up. “Then you have to switch with partners. And the ministry and the province also think something of it. " The hack did not lead to much commotion among residents. A special telephone number for questions was not called in the days immediately after the hack. Nauta: "I don't find that so strange in itself, because it is still very far away from people."
How is the recovery going?
The municipality does not have to lay new cables yet, but much affected equipment must be thoroughly cleaned up and redesigned. Van der Sluijs: “We have performed miracles in that area. In six days we went from a network that could no longer do anything back to a working network where the basic services worked. ” Full recovery is expected to take another six months. "Then someone can still miss a piece of information." Another option is to pay the hostage takers. The municipality does not want to say whether it has contact with the perpetrators. De Volkskrant spoke to the hackers and wrote that they wanted to see fifty bitcoin - more than 900,000 euros - for 40 terabytes of data taken hostage. According to Van der Sluijs, “significantly less” data was encrypted. He calls the reported amount "exorbitantly high". “They ask that at a large company. I also see some connection with the fact that contact was made earlier. That definitely pushed up the price.” Mayor Nauta does not want to anticipate paying the ransom. Governments are actually not allowed to pay, because they reward crime in this way. “They are diabolical dilemmas. You are dealing with public money and then you will make decisions. If we don't pay the ransom, what will happen? ”
What can we learn from the hack?
Only in two months will it become clear how the systems have been hacked. NFIR is then expected to complete its investigation into the hack. The municipality will share the findings, says Nauta. “We hope to learn from the attack, but we are not leaving the research alone for us. This can happen to anyone, individuals and companies.” There are plenty of standards for setting up networks securely. The Baseline Information Security Governments (BIO) applies to governments. These rules are intended to prevent poorly secured networks from falling prey to hackers. Nauta: “We were busy with tests, protocols, compliance with the BIO, you name it. As the Dutch government, we do a lot of data protection, but apparently we need to get a little bit stronger - or maybe teeth. Van der Sluijs advises municipalities to monitor their networks more actively. For example, by scanning for vulnerabilities, just like hackers. “I think it is also because ICT security is a relatively young industry. Compare it with the financial world. We think it is quite normal for a second accountant to look at the figures again. That is not so normal in IT yet. An attack like this is not fun for the municipality, but it helps enormously in raising awareness."
Farmer's blockade disrupts online orders from supermarkets
A campaign by farmers at distribution centers of supermarkets in various places in the country is causing empty shelves locally. It reports the Gelderlander . Also, supermarkets cannot deliver all online groceries. Jumbo says it has canceled some of the online orders, just like Albert Heijn, but exactly how much is not known. The blockades started early on Saturday morning. The campaigns were in Zwolle and Oosterhout in Gelderland and since Friday in Raalte. Distribution centers of Albert Heijn, Lidl, Aldi and Jumbo were blocked with trucks. The mayor of Zwolle gave the farmers an ultimatum of 6 p.m., who then left.
The action was then also ended in Oosterhout. Foremen of the protest in Oosterhout earlier left for Zwolle to talk to the mayor there. They threaten to come back on Monday if there has not been a conversation with Albert Heijn. In a statement , Albert Heijn indicates that it will enter into talks with the activists before Christmas. The campaigns already started on Friday at distribution centers in Woerden, Beilen, Raalte and Heerenveen. According to the mayor of Raalte, talks are going on there between the farmers and supermarket chain Jumbo. Some of the farmers who have left Zwolle have now joined the protest in Raalte, writes the Stentor .
The farmers are protesting against what they consider to be too low prices that supermarkets pay for their products. In addition, they are against the import of agricultural products that local farmers can also supply. They want a quality mark for products for which a fair price is paid. There were 200 tractors in Zwolle, reports RTV Oost . Trucks on their way to the distribution center stopped on the access roads to Zwolle.
Nearly 100,000 industrial accidents in 2019, stress regularly the cause
In 2019, 93,000 occupational accidents took place as a result of which employees were unable to work for at least four days, according to the CBS. The situation has therefore not improved compared to 2018. In a quarter of the cases, the cause is stress, new figures show. In 23,000 work accidents with at least four days absence, the main cause of the injury was psychological overload, for example caused by intimidation or stress, according to Statistics Netherlands. More often, however, there is a physical cause. Slipping, tripping and overloading such as heavy lifting or making incorrect movements are relatively often cited as the main causes.
In 2019, 3.3 percent of employees aged 15 to 75 suffered physical or mental damage in a work-related accident. More than half returned to work the next day, but 1.1 percent of all employees were absent for at least four days as a result of the work accident. It also happened, for example, with crane operator Nico van de Werff who fell through a roof from a height of five meters during lifting operations. He had to recover for a month.
Care and trade
Almost half of the work accidents with at least four days of absenteeism occurred in healthcare, trade and industry, according to Statistics Netherlands. This is partly because there are many employees working in these sectors: together they provided work to more than 40 percent of the employees in 2019.
In the industry, a relatively large number of employees also have a work-related accident: 1.3 percent of employees had a work accident with four or more days off work in 2019, compared to an average of 1.1 percent of all employees. In trade, at 1.0 percent, this is slightly lower than average, and in healthcare this percentage is the same as the average for all branches of industry.
The figures for 2017 and 2018 are comparable to those of this year. However, the SZW inspectorate is trying to reduce the number of accidents. She has therefore changed her policy. Occupational accidents still have to be reported to the inspectorate. But there is no longer a huge fine if the company is to blame.
If the injury is relatively easy, a company will from now on first have the opportunity to investigate for itself what went wrong and what can be done to prevent a recurrence. If the improvement plan is approved, the SZW Inspectorate will not impose a fine. A new approach - more focused on investing in quality instead of penalties - should reduce the number of industrial accidents.
Staff complain about vibrations, NS stops dozens of double-deckers
As a precaution, NS is removing 49 trains of the DDZ type from the track. Train crews complain about vibrations when these double-deckers reach high speed. Research has not yet revealed any cause. That is why there will be a follow-up investigation. In anticipation of the outcome, all DDZ trainsets have been removed from the timetable immediately. NS has a total of about 750 trainsets in use. That is enough to compensate for the loss of the DDZ trains. DDZ trains are commuter trains from the 1990s that were converted between 2009 and 2014 for intercity services. This year, a tender has started to replace them in 2027 with a combination of single and double-deck cars that must be suitable for speeds of up to 160 kilometers per hour. In January, a DDZ train derailed at The Hague Central. This was because two wheels had been damaged by a problem with the braking system, it turned out in July .
Translated from Dutch to English with Google translate