From an analysis of ransomware attacks in the Netherlands in 2024, made possible by the collaboration within Project Melissa, it appears that cybercriminals are not using new techniques to deploy ransomware. Criminals still gain access most often through software vulnerabilities and account takeovers. Properly setting up patch management is one of the five basic measures to protect your organization against a ransomware attack. Read more about the five basic principles of digital resilience to make it harder for cybercriminals.
Cybersecurity Act
Organizations that are designated as important and essential will have a duty of care from the moment the Cybersecurity Act (Cbw) comes into effect. The Cbw will be implemented in the course of 2025. This duty of care includes conducting a risk analysis, measures regarding backup management, incident handling, basic cyber hygiene, and the use of multi-factor authentication. Although the Cbw has not yet been implemented, organizations can already start working on it. Read here how you can prepare your organization, even if it does not have a duty of care.
121 unique incidents
The number of incidents within the analysis has slightly decreased compared to last year. There are 121 unique incidents. 76 of these incidents are known through reports and 20 through incident response companies. In addition, there is an overlap in 25 incidents - these are incidents that have emerged from both the monthly survey and the police report data.
Incidents in large and medium-sized organizations (from about 50 FTE) are visible in about 40% of cases through the mentioned sources, while this is only 10-15% for SMEs. This suggests that the actual number of ransomware attacks is higher.
Call to Action
Only together can we make our understanding of ransomware in the Netherlands more complete and make a stand against ransomware. If your company assists ransomware victims, we would like to discuss with you the possibilities and the importance of contributing to these statistics. Email for more information at info@ncsc.nl.
Filing a report is crucial if you as a business or individual have become a victim of ransomware. Even if criminals have already been paid, this provides the police with important information. A report can contain missing information that allows the police to unlock the system. It also helps in finding suspects.
View the complete Ransomware Year Overview 2024.
Endgame
Melissa is a partnership between public and private parties to combat ransomware attacks. The joint goal is to make the Netherlands an unattractive target for ransomware criminals. In the Netherlands, there was also collaboration in 2024 with partners of the Melissa partnership in operation Endgame. With more than 14 countries and various partners, the police worldwide dismantled multiple botnets that played a key role in international cybercrime. By taking down these botnets, the supply line of cybercrime victims has been thoroughly and for a long time disrupted.