Recalling the crippling cyberattack that struck Saudi Arabia in 2012 and pointing to last week’s “WannaCry” spyware outbreak, Dutch spy chief Rob Bertholee warned Tuesday that the world may be close to a “serious act of digital sabotage.”
Speaking at this year’s International One Conference, Bertholee said sabotage of critical infrastructure is “the kind of thing that might keep you awake at night.”
- Digital threats, he said, “are not imaginary. They are everywhere around us.”
“In my opinion, we might be closer to a serious act of digital sabotage than a lot of people can imagine,” he told hundreds of experts and officials at the conference.
Bertholee serves as the head of the General Intelligence and Security Service, the clandestine intelligence and security service in the Netherlands.
The agency monitors right- and left-wing extremists and various Islamic groups, in addition to sourcing intelligence, performing background checks on individuals employed in “positions of trust” and investigates incidents like terrorist bombings and threats.
Bertholee’s comments came on the first day of the conference, jointly hosted by the Dutch Ministry of Economic Affairs and the National Cyber Security Center of the Ministry of Security and Justice.
The conference is a two-day event in which leading experts discuss subjects such as malware and monitoring, security and privacy, cybercrime and incident response cases, as well as various strategies to prevent cyber attacks.
In something of a history lesson for conference attendees, Bertholee recalled the 2012 attack on Saudi Aramco, the world’s largest oil company. The virus erased data on three-quarters of Aramco’s corporate PCs — documents, spreadsheets, e-mails and files — replacing all of it with an image of a burning American flag.
The attack forced Aramco to shut down its internal corporate network and disabling employees’ e-mail and Internet access to stop the virus from spreading. Within a matter of hours, 35,000 computers were partially wiped or totally destroyed in that attack, effectively launching the company back into the 1970s.
Four years later, Saudi Arabia was victim to a series of “destructive” cyberattacks. At the start of 2017, they were again on red alert after a warning from the Computer Emergency Response Team.
On Friday, a severe malware outbreak struck nearly 60,000 computers in more than 150 different countries. The trojan virus, dubbed “WannaCry,” has been classified as “ransomware,” because it holds the infected computer hostage and demands its owner pay a ransom in order to regain access to the encrypted files on his or her computer.
Thus far, European countries have been hit the hardest, and business sputtered almost to a halt at several large companies and organizations, including banks, hospitals and government agencies.
Bertholee highlighted these attacks in his remarks, posing a few hypothetical questions in order to underscore the importance of cybersecurity in today’s age.
“Imagine what would happen if the entire banking system were sabotaged for a day, two days, for a week,” he asked. “Or if there was a breakdown in our transportation network. Or if air traffic controllers faced cyberattacks while directing flights.”
Bertholee said ountries must be prepared for future threats in the digital domain, with governments and private sectors working closely together, as this is “where our societies have become most vulnerable.”
“The consequences could be catastrophic,” he said. “Sabotage on one of these sectors could have major public repercussions, causing unrest, chaos and disorder.”