Dutch people feel less safe online than on the streets. Statistics Netherlands (CBS) estimates that 2.2 million people will have become victims of cybercrime by 2022. In the horticultural sector, one in five entrepreneurs is a victim. Those figures do not show what happened to people. What is clear is that this is a major social problem. Yet, we have hardly seen this topic mentioned in the context of the upcoming elections. Among politicians, we mostly see concerns about privacy, an open and secure internet, and the dangers of AI technology.
In conversations with growers and buyers, we notice that the number of incidents is clearly increasing. That includes successful attempts, with the entrepreneur bemoaning afterwards that it happened to him or her. We see a sharp increase in spear phishing in particular. Criminals send personalized emails or requests based on extensive research on social media to their intended targets. Using this information, they trick their victims into thinking they are receiving a legitimate email or invoice, for example. The cases we came across involved payments in the order of 100,000 euros. The email address used might differ by only one letter, and the bank account is in a far-off foreign country. The scam can be prevented by a call to the already-known number of the existing relationship.
Phishing
Cybercriminals use a range of methods besides the aforementioned 'spear phishing.' One method that regularly makes the news is ransomware, where your computer system is hijacked and you can no longer access anything. A ransom is then demanded. The advice from the police is invariably not to pay. The KNVB was recently a victim, and it paid anyway. The criminals threatened to spread confidential information about professional footballers. The dilemma is clear. It is preventable by immediately taking the right measures to recover from a ransomware attack.
The examples show well why we talk about cyber resilience rather than cyber security or digital safety. The latter may suggest that it is mainly about taking measures at the level of IT systems, such as installing antivirus programs. In cyber resilience, the role of humans comes much more to the fore. Indeed, in practice, the biggest vulnerability is posed by humans. By clicking on a file in a phishing email, the director or one of his employees gives criminals access to the system. Another risk is granting remote access to too large a group of people or, for convenience, giving a remote supplier access to the entire system. If the door is open to him, it is a route for criminals to try to break in.
Awareness and knowledge
People really are the weakest link. If at all possible, they choose the simplest password possible, share an account with colleagues in the department for convenience, grumble about the use of multi-factor authentication (MFA), or complain when they are forced to change the password. That weakest link is probably also the reason why 75 percent of companies have experienced cybercrime to a greater or lesser extent. From Royal FloraHolland, we very emphatically see a responsibility towards the entire floriculture chain, especially towards our members. We want to make the entire chain and all parties involved more resilient.
With this in mind, we have co-initiated the creation of the Cyber Resilience Centre Greenport. This club focuses on strengthening the digital resilience of companies, especially in the greenhouse horticulture sector. Together with other parties, we work on awareness and knowledge. In cooperation with the Cyber Resilience Centre, we are introducing an RFH Cyber subscription for our supporters. We are doing this to help growers and buyers on their way to digital resilience.
The RFH cyber subscription includes the following:
- Regular cyber updates: Stay informed with eight cyber update newsletters from the Cyber Resilience Centre Greenport. Receive important updates and stay alert to developments in cybersecurity. Learn from practical stories and background articles (free).
- Practical tools: Get access to practical tools designed to increase your cyber resilience. Protect your business against digital threats (free for members)
- Threat intelligence: Receive regular overviews of threat information so you can proactively respond to potential threats (free).
- Exclusive events: As a subscriber, you can participate in an annual event at Royal FloraHolland. Think crisis exercises or inspiring cybercafés. You will learn from experts and the network (free of charge).
- Offers: Benefit from a collective offer for various services and services that take your cyber security to a higher level. Think antivirus software and monitoring services at attractive rates (paid).