Dutch companies are most attacked from the US (47%), the Netherlands (17%) and Germany (7%). The healthcare sector is still the biggest target with an average of 2264 attacks per week, followed by the consultancy sector with an average of 1280 weekly attacks and government/military institutions with an average of 1046 attacks per organization per week.
Biggest vulnerabilities for Dutch companies
The most common type of vulnerability is Information Disclosure, accounting for 54% of all vulnerabilities in the Netherlands. Information Disclosure is a vulnerability in software that allows an unauthorized user or attacker to gain access to sensitive data or information that needs to be protected. The top malware in the Netherlands is Androxgh0st, a botnet that targets Windows, Mac, and Linux platforms. For the initial infection, Androxgh0st uses multiple vulnerabilities, specifically targeting PHPUnit, Laravel Framework, and Apache Web Server. The malware steals sensitive information such as Twilio account details, SMTP credentials, AWS key, etc. It uses Laravel files to collect the required information. There are different variants that scan for different information. Of all malicious files, 60% are sent via the web and 40% via email.
Global cybersecurity trends
Cyberattacks are on the rise globally, with a 30% increase in weekly attacks on enterprise networks in Q2 2024 compared to Q2 2023, and a 25% increase compared to Q1 2024. The average of 1,636 attacks per organization per week underscores the increasing sophistication and persistence of threat actors. Several cyberthreat trends are occurring simultaneously.
For example, the education and research sector has always been a popular target for cybercriminals due to the large amount of sensitive information and often inadequate cybersecurity measures, made even more complex by the fact that multiple groups of online users inside and outside the network increase the attack vector surface. The education/research sector was the most attacked sector globally, with a 53% increase in Q2 2024 compared to Q2 2023, with an average of 3,341 attacks per organization per week.
Government/Military was the second most targeted sector with 2,084 attacks per week, reflecting the high stakes of cyber espionage and disruption at the state level. Looking back at cyber attacks against the healthcare sector in Q2, healthcare organisations saw an average of 1,999 weekly attacks per organisation, which was 15% higher than last year. Hackers like to target hospitals because they often find that they lack cybersecurity resources. Smaller hospitals are particularly vulnerable, as they do not have the resources and staff to deal with a sophisticated cyber attack. Healthcare is the third most targeted sector globally among all cyber attacks, and in the Netherlands it is the number one and most targeted sector of all sectors. It is so lucrative for hackers because they are after information such as health insurance, medical record numbers and sometimes even personal identification numbers.
Both At the country level, as well as at the European and global level, we see strong shifts. 2024 is a year marked by geopolitical tensions, economic shifts and elections worldwide. At the beginning of this year, we already identified a rising trend in hacktivism where the boundaries between state cyber operations and hacktivism have blurred, as more and more hacktivist groups are now connected to the state. The hacktivist groups are better organized and more effective than ever before.
Of The increase in attacks on specific industries and regions, combined with the complexity of tactics, emphasize the need for a comprehensive and preventive approach to cybersecurity and adaptive, AI-driven defense strategies. In addition, NIS2, the new regulation on cybersecurity for companies, is also on the way. The increasing number of attacks in the Netherlands not only confirms the need for the implementation of the renewed legislative framework, but also calls on organizations in all sectors to take a critical look at their cybersecurity solutions and prioritize cybersecurity. The impact of a cyberattack can be enormous and causes more serious disruptions to day-to-day business operations than ever before. Constantly creating awareness in combination with continuous alertness and investing in innovative defense strategies must remain the absolute focus in this context.
By Zahier Madhar, security engineer expert at Check Point.
