Headlines June
The huge impact of a cyber incident
If your company is down due to ransomware: 'Customers were on the doorstep with clubs'
"It felt like a robbery. Something had happened to us that prevented us from doing our job," says Erik Ros, director at Bakker Logistics. His company made headlines in April after a ransomware attack that prevented supermarkets from stocking cheese.
Concerns about ransomware attacks are growing: the National Coordinator for Counterterrorism and Security declared it a threat to national security today.
In addition to financial consequences, an attack also has a long personal aftermath for the people who work at affected companies, Ros says. "You feel very powerless and frustrated, we were unable to deliver anything. Soon after, we took action, then you go into solutions By processing orders manually, for example. We immediately hired a cybersecurity company and they guided us through it."
'Robbery'
The attack is discovered on April 4 at 2 am. Less than two hours later, the entire board meets in an online crisis team meeting. "The business runs 24 hours a day, teams had seen a hiccup in the system and were right, something is not right here."
While an IT colleague is being called, they get the first notification on the screen. It's a message from the hackers.
“If you can't start your computer, so to speak, do you think for a moment: it won't be? I don't wish it on anyone. Erik Ros, Bakker Logistics
"We were encrypted, it said, and had to pay to access our system. To protect our customers, all connections between us and our customers were shut down. We couldn't do anything, were literally mugged."
Ros had heard of a ransomware attack, but it had never happened to him before. "The hackers didn't get in through a phishing email or a malicious link. Everything worked properly and yet it happened." The hackers took advantage of a leak in Microsoft Exchange, which many companies use for email.
Not if but when
Ros does not want to say whether money has been paid to the hackers. However, a "solution" has been found. "After that we had to rebuild our entire ICT infrastructure: install new servers, establish connections with customers and extra firewalls. All laptops were also 'digitally washed'"
All that cost a lot of money. "We had to throw out products that were out of date and hire experts. As a company, we lost a lot of money, but it's not like we're at risk of collapse."
However, some effects are still felt months later. "The fear is still there. If you can't start your computer, so to speak, you think for a moment: it won't be? I wouldn't wish it on anyone. We have learned a lot from it, that's great, but the impact is huge."
Patrick Brouwer's hosting company was the victim of a ransomware attack in 2019. "I've had people on the phone crying, grown men saying: I've lost everything and can close the company."
Anger, but most of all, helplessness. The personal suffering after such an attack is sometimes great, says cybersecurity expert Joost Gijzel of DataExpert-Interstellar, who assists companies if this happens. He often finds chaos when his help is called in. "Then I try to get an overview of the attack and the consequences, and at the same time I am a kind of crisis psychologist: a shoulder to cry on and someone who gets coffee."
According to Gijzel, it is precisely that side of the attacks - the personal one - that is still underexposed. "You have to keep in mind that such an attack happens unexpectedly and there are not always plans ready. Often this was already an item on the corporate agenda that still had to be addressed: namely, what do we do if we are hit by ransomware?"
Attract the blame
Gijzel compares a ransomware attack to a house break-in. "After that, the shock is often good for a long time and you keep asking yourself; could I have prevented this?" But according to Gijzel, it is often no one to blame that hackers were able to penetrate a company, except the criminals themselves.
"Individual colleagues often don the garb, fearing that the company will be locked up because of them. But it is almost unavoidable: the question is not so much whether your company will ever have to deal with this, but rather when. good to have discussed it before."
At the same time, many companies do not yet have their digital affairs in order, the Cyber Security Council recently warned. That advisory body of the cabinet sees that many companies do not think they will become victims. Even basic security measures are not followed, leaving a lot of low hanging fruit for criminals.
Burnouts, anger, but also the tendency to authoritarian: these are all consequences of an attack that Gijzel has seen. "You should almost open the cyber victim line. Fortunately, there is more and more attention for these types of attacks, hopefully also more for the personal consequences."
Source: https://nos.nl/artikel/2387092-als-je-bedrijf-platligt-door-ransomware-klanten-stonden-met-knuppels-op-de-stoep
This system brought train traffic across the country to a standstill
It is not yet known what stopped train traffic across the country yesterday. It is clear, however, that the problem was related to a failure in the communication network for drivers and traffic control. This so-called GSM-R network is not known for being rickety or unstable, but it will be replaced in a few years' time. It went wrong around 2:40 pm . Travel planners of the NS and other carriers were flooded with error messages. "Internally, we received the first reports. Suddenly a lot of disruptions came in," says Coen van Kranenburg, spokesperson for ProRail. Trains that were already on the platforms were no longer running. And for safety, trains that had yet to arrive at a platform continued at a walking pace. The result was stranded travelers at stations across the country.
It soon became clear that the GSM-R network had collapsed. This stands for GSM-Railway, a separate network that is used throughout Europe to allow trains to travel safely. It is a system based on mobile phone technology and specially developed in the 1990s for the railways, says Toon Norp, network expert at research agency TNO. "Like the police and the fire service, the railways have a network that is made for a specific application," says Norp.
It is a separate network on 2G, which exists alongside the networks of KPN, Vodafone, T-Mobile and Tele2. European railways use GSM-R so that trains do not come to a standstill at the border. "It is an incredibly stable network, with which there are seldom problems and which rarely breaks down," says Van Kranenburg, of ProRail. According to him, it is also "more robust" than telephony. Sometimes there are "little hiccups ", but he has never experienced such a big failure before. A new major failure is unlikely in the short term, thinks Van Kranenburg.
'Great system'
Norp sees that too. There is actually nothing wrong with the technology behind the GSM-R network, he says. "It is not an unsafe technique, but an excellent system." Drivers can use it to call traffic control. It is also used to control train traffic. "For example, a train can say: I am now on this part of the track. Then it is clear that no other train is allowed to drive on that part." Wijnand Veeneman, public transport expert at TU Delft, calls the system "a bit old-fashioned". It makes sense that it is outdated. "Mobile phones are old-fashioned after two years, because the technology in that world is updated faster. But we don't have new trains every two years."
Camera images
Work is underway on a replacement for the GSM-R network, which can process more data on the basis of 5G. Because calling and sending data works fine with 2G, but sending camera images is not possible with it - and European railway companies want to be able to do that. The new system should be in place by 2030. Researcher Norp: "GSM-R will not be replaced because it would be unsafe. Compare it to cars. A diesel works well, but we still want to switch to electric cars because we find other things important." It is unknown what exactly caused the outage. ProRail expects to provide more information on Tuesday. The rail manager has no indications of a hack. Also, spokesman Van Kranenburg has not heard anything about ransomware , ransomware to secure important files until a ransom is paid.
Source: https://nos.nl/artikel/2383101-door-dit-systeem-lag-treinverkeer-in-hele-land-plat
Almost one in five factories in the Netherlands has supply problems
The supply problems for Dutch factories are getting bigger and bigger. Production is now faltering at almost one in five factories, partly because materials do not come in. This is apparent from an ING analysis of figures from the Central Bureau of Statistics. In the most recent survey by the agency, one in three factories currently say they have no barriers to production at all. Before corona, that was almost half. The main obstacle is now the growing worldwide scarcity of means of production and materials. Of all manufacturers, 18 percent now say that they have production problems due to a lack of this. Earlier this year that was only half, and just before corona it was about 7 percent. A lack of money or staff is less of a problem than before corona. The demand for products that roll out of the factory here is on average a little less than before corona, but it has already picked up enormously compared to last year. It is precisely this increasing demand, for chips but also other electronic components, plastics and steel, that has recently caused problems in the chain. Global manufacturing cannot keep up with that demand.
Industry disrupted
This is the result of the corona pandemic, which has disrupted the industry. At first, production fell because factories had to close, or because they expected demand to be low due to the global crisis. The number of transports was also reduced. Subsequently, the demand for some products appeared to pick up faster than expected. For example, due to the lockdowns, laptops, TVs and telephones were in demand. Meanwhile, car manufacturers are continuing to invest in the development of electric cars, which also require chips. Because production and transport are ramping up again more slowly than shutting down, major shortages arose. Car manufacturers such as VDL Nedcar in Born had already had to stop production, and Philips, for example, was also able to produce fewer AEDs due to the scarcity. The global supply shock is also making manufacturers and retailers want to maintain slightly more buffers. Rather, they are often close to the wind, because keeping an inventory costs money and is not necessary if the process runs smoothly. Now they want to keep reserves more often, which creates even more demand.
More expensive stuff
For consumers, who have been waiting longer for some products, there is a risk of higher prices. The materials that manufacturers purchase are more expensive due to scarcity, while fuel prices have also risen. They can pass on these higher costs to the retailer, who can settle them at the checkout as long as consumer demand remains high. Although the chip shortage is expected to last well into 2022, according to some companies even into 2023, there are also bright spots. Edse Dantuma, economist at ING, expects the Dutch factories to run as well on average at the end of this year as before corona.
Source: https://nos.nl/artikel/2383973-bijna-een-op-vijf-fabrieken-nederland-heeft-toeleveringsproblemen
Philips recalls ventilators due to health risks
Philips recalls sleep apnea and ventilators due to health risks. Patients may inhale harmful foam particles and gases when in use.
This concerns between 3 and 4 million devices worldwide, some of which are also sold in the Netherlands. It is unclear how many are in use here. According to Philips, as far as is known, no people have died from the problems.
Devices at home for sleeping
Most of the devices in question are Dreamstation devices that people use at home to treat sleep apnea. In sleep apnea, a person stops breathing while sleeping. The Philips machine then ensures that breathing continues. The recalled devices are of the first-generation Dreamstations, which have been sold within the last five years. The foam inside can crumble, especially if the machine is not cleaned properly or is in a hot and humid environment. Harmful gases can also be released. The foam particles can cause headaches, irritation, inflammation and breathing problems if inhaled. The gases may cause headaches, irritation, hypersensitivity, nausea and vomiting. Both are potentially toxic and carcinogenic. Philips advises people to stop using the machines and to consult a doctor and seek alternatives. The physician can then consider whether the health risks of using the device outweigh stopping treatment.
Respirators in Hospitals
The recall also includes ventilators being used for people who need assistance with breathing. Of these, Philips advises patients not to stop taking it until a doctor has been consulted. There are also devices that Philips has made for the treatment of corona patients. Those devices were not delivered to the Netherlands, according to a spokesperson.
'At least 50,000 users in the Netherlands'
The patient association for people with apnea says that the Dreamstation device is used by a quarter of the patients, or at least 50,000 Dutch people. Acting chairman Gerjan Heuver fully supports the recall, but believes that an adequate solution must be found for the patients immediately. "Think about an exchange. Because sleeping a few nights without the device is not a good thing."
What is apnea?
Apnea is not life-threatening. In patients, breathing stops about ten to fifty times a night for a few seconds, up to dozens of times per hour. This means that they often wake up startled to breathe, and sleep restlessly. It leads to sleep deprivation, people become irritable, get headaches and concentration problems. In the long term, apnea can also be harmful to health. It increases the risk of cardiovascular disease, high blood pressure and diabetes. Apnea is more common in men than women. One of the largest suppliers of the devices, Vivisol Nederland, is receiving a lot of calls from concerned patients, but cannot provide any information about the recall yet. The company is still in consultation with Philips about this, says a spokesperson. "Philips is speeding up with a new version of the Dreamstation and we have a warehouse full of devices from other brands." Incidentally, Vivisol expects that the problems with the devices mainly occur in the United States, because users there often clean them with ozone and it is warmer and more humid there.
Seen risks before
In April, at the presentation of quarterly figures, Philips already announced that there were risks with the devices. Further tests have now given rise to the devices to be removed from the market. In the near future, the company wants to replace the harmful foam with another foam. It is still waiting for permission from the authorities, according to the spokesperson. They must first approve any modification of a medical device. The company does not yet know how long that will take. To tackle the problems, Philips has set aside half a billion euros. It won't affect sales and profits, it thinks, because the other departments are doing well enough to offset the costs.
Source: https://nos.nl/artikel/2384971-philips-roept-beademingsapparaten-terug-vanwege-gezondheidsrisico-s
If your company is down due to ransomware: 'Customers were on the doorstep with clubs'
"It felt like a robbery. Something had happened to us that prevented us from doing our job," says Erik Ros, director at Bakker Logistics. His company made headlines in April after a ransomware attack that prevented supermarkets from stocking cheese.
Concerns about ransomware attacks are growing: the National Coordinator for Counterterrorism and Security declared it a threat to national security today.
In addition to financial consequences, an attack also has a long personal aftermath for the people who work at affected companies, Ros says. "You feel very powerless and frustrated, we were unable to deliver anything. Soon after, we took action, then you go into solutions By processing orders manually, for example. We immediately hired a cybersecurity company and they guided us through it."
'Robbery'
The attack is discovered on April 4 at 2 am. Less than two hours later, the entire board meets in an online crisis team meeting. "The business runs 24 hours a day, teams had seen a hiccup in the system and were right, something is not right here."
While an IT colleague is being called, they get the first notification on the screen. It's a message from the hackers.
“If you can't start your computer, so to speak, do you think for a moment: it won't be? I don't wish it on anyone. Erik Ros, Bakker Logistics
"We were encrypted, it said, and had to pay to access our system. To protect our customers, all connections between us and our customers were shut down. We couldn't do anything, were literally mugged."
Ros had heard of a ransomware attack, but it had never happened to him before. "The hackers didn't get in through a phishing email or a malicious link. Everything worked properly and yet it happened." The hackers took advantage of a leak in Microsoft Exchange, which many companies use for email.
Not if but when
Ros does not want to say whether money has been paid to the hackers. However, a "solution" has been found. "After that we had to rebuild our entire ICT infrastructure: install new servers, establish connections with customers and extra firewalls. All laptops were also 'digitally washed'"
All that cost a lot of money. "We had to throw out products that were out of date and hire experts. As a company, we lost a lot of money, but it's not like we're at risk of collapse."
However, some effects are still felt months later. "The fear is still there. If you can't start your computer, so to speak, you think for a moment: it won't be? I wouldn't wish it on anyone. We have learned a lot from it, that's great, but the impact is huge."
Patrick Brouwer's hosting company was the victim of a ransomware attack in 2019. "I've had people on the phone crying, grown men saying: I've lost everything and can close the company."
Anger, but most of all, helplessness. The personal suffering after such an attack is sometimes great, says cybersecurity expert Joost Gijzel of DataExpert-Interstellar, who assists companies if this happens. He often finds chaos when his help is called in. "Then I try to get an overview of the attack and the consequences, and at the same time I am a kind of crisis psychologist: a shoulder to cry on and someone who gets coffee."
According to Gijzel, it is precisely that side of the attacks - the personal one - that is still underexposed. "You have to keep in mind that such an attack happens unexpectedly and there are not always plans ready. Often this was already an item on the corporate agenda that still had to be addressed: namely, what do we do if we are hit by ransomware?"
Attract the blame
Gijzel compares a ransomware attack to a house break-in. "After that, the shock is often good for a long time and you keep asking yourself; could I have prevented this?" But according to Gijzel, it is often no one to blame that hackers were able to penetrate a company, except the criminals themselves.
"Individual colleagues often don the garb, fearing that the company will be locked up because of them. But it is almost unavoidable: the question is not so much whether your company will ever have to deal with this, but rather when. good to have discussed it before."
At the same time, many companies do not yet have their digital affairs in order, the Cyber Security Council recently warned. That advisory body of the cabinet sees that many companies do not think they will become victims. Even basic security measures are not followed, leaving a lot of low hanging fruit for criminals.
Burnouts, anger, but also the tendency to authoritarian: these are all consequences of an attack that Gijzel has seen. "You should almost open the cyber victim line. Fortunately, there is more and more attention for these types of attacks, hopefully also more for the personal consequences."
Source: https://nos.nl/artikel/2387092-als-je-bedrijf-platligt-door-ransomware-klanten-stonden-met-knuppels-op-de-stoep
This system brought train traffic across the country to a standstill
It is not yet known what stopped train traffic across the country yesterday. It is clear, however, that the problem was related to a failure in the communication network for drivers and traffic control. This so-called GSM-R network is not known for being rickety or unstable, but it will be replaced in a few years' time. It went wrong around 2:40 pm . Travel planners of the NS and other carriers were flooded with error messages. "Internally, we received the first reports. Suddenly a lot of disruptions came in," says Coen van Kranenburg, spokesperson for ProRail. Trains that were already on the platforms were no longer running. And for safety, trains that had yet to arrive at a platform continued at a walking pace. The result was stranded travelers at stations across the country.
It soon became clear that the GSM-R network had collapsed. This stands for GSM-Railway, a separate network that is used throughout Europe to allow trains to travel safely. It is a system based on mobile phone technology and specially developed in the 1990s for the railways, says Toon Norp, network expert at research agency TNO. "Like the police and the fire service, the railways have a network that is made for a specific application," says Norp.
It is a separate network on 2G, which exists alongside the networks of KPN, Vodafone, T-Mobile and Tele2. European railways use GSM-R so that trains do not come to a standstill at the border. "It is an incredibly stable network, with which there are seldom problems and which rarely breaks down," says Van Kranenburg, of ProRail. According to him, it is also "more robust" than telephony. Sometimes there are "little hiccups ", but he has never experienced such a big failure before. A new major failure is unlikely in the short term, thinks Van Kranenburg.
'Great system'
Norp sees that too. There is actually nothing wrong with the technology behind the GSM-R network, he says. "It is not an unsafe technique, but an excellent system." Drivers can use it to call traffic control. It is also used to control train traffic. "For example, a train can say: I am now on this part of the track. Then it is clear that no other train is allowed to drive on that part." Wijnand Veeneman, public transport expert at TU Delft, calls the system "a bit old-fashioned". It makes sense that it is outdated. "Mobile phones are old-fashioned after two years, because the technology in that world is updated faster. But we don't have new trains every two years."
Camera images
Work is underway on a replacement for the GSM-R network, which can process more data on the basis of 5G. Because calling and sending data works fine with 2G, but sending camera images is not possible with it - and European railway companies want to be able to do that. The new system should be in place by 2030. Researcher Norp: "GSM-R will not be replaced because it would be unsafe. Compare it to cars. A diesel works well, but we still want to switch to electric cars because we find other things important." It is unknown what exactly caused the outage. ProRail expects to provide more information on Tuesday. The rail manager has no indications of a hack. Also, spokesman Van Kranenburg has not heard anything about ransomware , ransomware to secure important files until a ransom is paid.
Source: https://nos.nl/artikel/2383101-door-dit-systeem-lag-treinverkeer-in-hele-land-plat
Almost one in five factories in the Netherlands has supply problems
The supply problems for Dutch factories are getting bigger and bigger. Production is now faltering at almost one in five factories, partly because materials do not come in. This is apparent from an ING analysis of figures from the Central Bureau of Statistics. In the most recent survey by the agency, one in three factories currently say they have no barriers to production at all. Before corona, that was almost half. The main obstacle is now the growing worldwide scarcity of means of production and materials. Of all manufacturers, 18 percent now say that they have production problems due to a lack of this. Earlier this year that was only half, and just before corona it was about 7 percent. A lack of money or staff is less of a problem than before corona. The demand for products that roll out of the factory here is on average a little less than before corona, but it has already picked up enormously compared to last year. It is precisely this increasing demand, for chips but also other electronic components, plastics and steel, that has recently caused problems in the chain. Global manufacturing cannot keep up with that demand.
Industry disrupted
This is the result of the corona pandemic, which has disrupted the industry. At first, production fell because factories had to close, or because they expected demand to be low due to the global crisis. The number of transports was also reduced. Subsequently, the demand for some products appeared to pick up faster than expected. For example, due to the lockdowns, laptops, TVs and telephones were in demand. Meanwhile, car manufacturers are continuing to invest in the development of electric cars, which also require chips. Because production and transport are ramping up again more slowly than shutting down, major shortages arose. Car manufacturers such as VDL Nedcar in Born had already had to stop production, and Philips, for example, was also able to produce fewer AEDs due to the scarcity. The global supply shock is also making manufacturers and retailers want to maintain slightly more buffers. Rather, they are often close to the wind, because keeping an inventory costs money and is not necessary if the process runs smoothly. Now they want to keep reserves more often, which creates even more demand.
More expensive stuff
For consumers, who have been waiting longer for some products, there is a risk of higher prices. The materials that manufacturers purchase are more expensive due to scarcity, while fuel prices have also risen. They can pass on these higher costs to the retailer, who can settle them at the checkout as long as consumer demand remains high. Although the chip shortage is expected to last well into 2022, according to some companies even into 2023, there are also bright spots. Edse Dantuma, economist at ING, expects the Dutch factories to run as well on average at the end of this year as before corona.
Source: https://nos.nl/artikel/2383973-bijna-een-op-vijf-fabrieken-nederland-heeft-toeleveringsproblemen
Philips recalls ventilators due to health risks
Philips recalls sleep apnea and ventilators due to health risks. Patients may inhale harmful foam particles and gases when in use.
This concerns between 3 and 4 million devices worldwide, some of which are also sold in the Netherlands. It is unclear how many are in use here. According to Philips, as far as is known, no people have died from the problems.
Devices at home for sleeping
Most of the devices in question are Dreamstation devices that people use at home to treat sleep apnea. In sleep apnea, a person stops breathing while sleeping. The Philips machine then ensures that breathing continues. The recalled devices are of the first-generation Dreamstations, which have been sold within the last five years. The foam inside can crumble, especially if the machine is not cleaned properly or is in a hot and humid environment. Harmful gases can also be released. The foam particles can cause headaches, irritation, inflammation and breathing problems if inhaled. The gases may cause headaches, irritation, hypersensitivity, nausea and vomiting. Both are potentially toxic and carcinogenic. Philips advises people to stop using the machines and to consult a doctor and seek alternatives. The physician can then consider whether the health risks of using the device outweigh stopping treatment.
Respirators in Hospitals
The recall also includes ventilators being used for people who need assistance with breathing. Of these, Philips advises patients not to stop taking it until a doctor has been consulted. There are also devices that Philips has made for the treatment of corona patients. Those devices were not delivered to the Netherlands, according to a spokesperson.
'At least 50,000 users in the Netherlands'
The patient association for people with apnea says that the Dreamstation device is used by a quarter of the patients, or at least 50,000 Dutch people. Acting chairman Gerjan Heuver fully supports the recall, but believes that an adequate solution must be found for the patients immediately. "Think about an exchange. Because sleeping a few nights without the device is not a good thing."
What is apnea?
Apnea is not life-threatening. In patients, breathing stops about ten to fifty times a night for a few seconds, up to dozens of times per hour. This means that they often wake up startled to breathe, and sleep restlessly. It leads to sleep deprivation, people become irritable, get headaches and concentration problems. In the long term, apnea can also be harmful to health. It increases the risk of cardiovascular disease, high blood pressure and diabetes. Apnea is more common in men than women. One of the largest suppliers of the devices, Vivisol Nederland, is receiving a lot of calls from concerned patients, but cannot provide any information about the recall yet. The company is still in consultation with Philips about this, says a spokesperson. "Philips is speeding up with a new version of the Dreamstation and we have a warehouse full of devices from other brands." Incidentally, Vivisol expects that the problems with the devices mainly occur in the United States, because users there often clean them with ozone and it is warmer and more humid there.
Seen risks before
In April, at the presentation of quarterly figures, Philips already announced that there were risks with the devices. Further tests have now given rise to the devices to be removed from the market. In the near future, the company wants to replace the harmful foam with another foam. It is still waiting for permission from the authorities, according to the spokesperson. They must first approve any modification of a medical device. The company does not yet know how long that will take. To tackle the problems, Philips has set aside half a billion euros. It won't affect sales and profits, it thinks, because the other departments are doing well enough to offset the costs.
Source: https://nos.nl/artikel/2384971-philips-roept-beademingsapparaten-terug-vanwege-gezondheidsrisico-s
Translated from Dutch to English with Google translate