Danger without limits: international commitment to an open, free and secure internet (cybersecurity) | ministries


blog entry | 05-31-2022 | Ministry of Foreign Affairs

cyber security (online safety) is becoming more and more important. Ransomware, phishing, disinformation and new technologies like artificial intelligence affect our security. in the series unlimited danger You can read what the Ministry of Foreign Affairs (BZ) does for the safety of all Dutch people. Today the question is: what is BZ doing for an open, free and secure Internet?

For the answer we sat down with Michael Thijssen. He works at the Ministry of Foreign Affairs in the Cyber ​​Task Force† East workgroup makes international plans and agreements for cyberspace (the digital world).

“The world is getting smaller and smaller thanks to the Internet. But that also means that the dangers are closer to our door.”

Why is cyber important?

“We are becoming more and more dependent on cyberspace,” says Michael. “Our work and private lives are moving more and more into the digital world. Corona has done this even faster: We see how dependent we have become on the Internet. The crowds in cyberspace are increasing, and with them the vulnerabilities of the people and societies that use it.”

“It cannot be taken for granted that everything that happens online remains private and secure. Or that the online world is neutral and easily accessible everywhere and to everyone. Cyber ​​espionage, sabotage and, for example, the spread of disinformation (fake news) have become important tools in the struggle for power in the world”.

“Now we are also seeing this in Ukraine, where there have been multiple cyberattacks and the spread of disinformation. At the same time, we see a dichotomy emerging. Between countries that block free Internet access and countries like the Netherlands that fight for an open, free and secure Internet. This shows how important it is that we make international plans and agreements for cybersecurity.”

What could be the consequences of a cyber attack?

“All the (computer) systems that we need in our daily lives can be vulnerable to attacks such as hacking or sabotage. Think of the payment systems or the smart devices we use at home. The Netherlands is regularly the target of cyber attacks. And if you look at how fast the digital world is developing, it seems that this threat is growing. One concern, for example, is that the attacks target the shutdown of ‘vital infrastructure’: systems that are essential to the functioning of a society. Think about access to electricity, internet and payment transactions.”

Cyber ​​threat in the Netherlands

“In cyberattacks, it is often difficult to trace the perpetrators. They keep using new methods to achieve their goals. That makes attackers a moving target.”

The Netherlands Cyber ​​Security Assessment 2021 (CSBN 2021) provides information on the digital threat to the Netherlands and the interests that could be affected by it. The CSAN is reviewed annually by the National Counterterrorism and Security Coordinator (NCTV) established.

“You can do a lot of damage through cyber with few people or resources. Not just stealing money or information, but also shutting down companies or government organizations. Cybernetics can also be used to generate mistrust in a country for a particular political agenda. For example, sharing fake news.”

“You can do a lot of damage with few people or resources.”

The NCTV, the NCSC, the AIVD, the MIVD, the National Police and the Public Ministry play an important role in analyzing and combating cyber threats against the Netherlands. But a diplomatic approach is also of great importance for a more secure cyberspace.

Foreign cyber attacks targeting the Netherlands

“All countries are responsible for what happens within their borders,” says Michael. “But if a country does too little to act against cyberattacks originating there, the Foreign Office has an important role to play in holding that country to account. Especially if it turns out that the perpetrators are not only acting in their own interest, but also in the interest of a government.”

“Some countries have an offensive cyber program, also targeting the Netherlands. This allows countries to achieve economic gains or harm Dutch interests. For example, gathering information through espionage that weakens the Dutch negotiating position.”

The consequences of international cyber-attacks are becoming more noticeable for the government, companies and the Dutch. But what can diplomats do about it?

International game rules for the online world

“The online world is constantly changing,” explains Michael. “That is why we must continue making international agreements on what is and is not allowed. And we must make sure that as many countries as possible support these agreements. At the Ministry of Foreign Affairs we are committed to establishing such rules at the international level. To this end, we negotiate in the United Nations (UN), the European Union (EU), NATO and the OSCE and are working on ‘rules of the street’ for cyberspace.

So there is a lot of consultation, but with a clear objective: to develop international rules for cyber that all countries adhere to. That also means that we have to act like this. No happens

Diplomatic response to cyber attacks

“In the event of a cyber attack, you should always check first: who is doing it? Is the attack led by a government? Is it an attack where we must respond by diplomatic means? And if so, how can we do better? Together with other countries you are stronger. This is why we have developed tools within the EU to rapidly respond to cyberattacks from other countries across the EU.”

“Such a reaction can take many forms. Simply making public what a country is trying to do in secret (name and shame) can have a deterrent effect, especially if we do it together with many countries. Examples include the recent EU statements on cyber attacks in Ukraine, the Ghostwriter hack and leakcampaign in the run-up to the German elections. Or the EU statement on cyber espionage from Chinese territory. But sometimes it can also be better to address countries only behind closed doors about cyber misbehavior. Another tool we have is the imposition of sanctions, under the EU cyber-sanctions regime.”

In formulating diplomatic responses to cyber attacks, the Ministry of Foreign Affairs works closely with services and departments, such as AIVD, MIVD, NCTV, NCSC, Defense and National Police. “We depend on their intelligence and analysis and we must ensure that our diplomatic response aligns well with their cyber engagement.”

But the ultimate goal remains for countries to adhere to the rules that we have developed in the UN context for cyberspace.

Cybersecurity: we are only as strong as the weakest link

In addition to its commitment to international standards and diplomatic responses to cyber attacks, the Ministry of Foreign Affairs is committed to increasing the cyber capabilities of other countries.

Why is this also important for security in the Netherlands? “We are only as strong as the weakest link,” says Michael. “Take a computer virus, for example: just like a real virus, it can’t be stopped at the border. So when such a threat comes to us from many places, it is also difficult for us to stay away. A hack abroad can also affect the Netherlands indirectly. For example, if food or other products can no longer be supplied as a result.”

“This is why we help other countries increase their resilience, helping them to participate in the international discussion on cyber standards and develop their own cyber policies. For example, we play an important role in establishing the Global Forum on Cyber ​​Experience (GFCE)To share knowledge and establish projects internationally, for security around the world.”

Safety in the Netherlands

This is how the Ministry of Foreign Affairs contributes to security in the Netherlands. By upholding international rules within cyberspace. Acting diplomatically against cyber attacks from abroad, or against countries that want to take advantage of them. And by sharing knowledge globally, so that other countries can also increase their cybersecurity. Because a safer world is a safer Holland.

More from the series Danger without limits

What is the Ministry of Foreign Affairs doing to ensure their safety? We answer that question for you in this series. Would you like to know more about other topics in the field of security, such as terrorism and climate change? Then check out the rest of the series.

Leave a Comment